2012 CVEs
5939 CVEs published in 2012. 83 critical, 182 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-6069 | Critical | 10.0 | 2013-01-21 | The CoDeSys Runtime Toolkit’s file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside… |
CVE-2012-1516 | Critical | 9.9 | 2012-05-04 | The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of… |
CVE-2012-10063 | Critical | 9.8 | 2025-10-30 | Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager (CCM) interface. Authenticated users could… |
CVE-2012-10060 | Critical | 9.8 | 2025-08-13 | Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username dur… |
CVE-2012-10054 | Critical | 9.8 | 2025-08-13 | Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRS… |
CVE-2012-10030 | Critical | 9.8 | 2025-08-05 | FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system director… |
CVE-2012-10023 | Critical | 9.8 | 2025-08-05 | A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER comman… |
CVE-2012-10021 | Critical | 9.8 | 2025-07-31 | A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function… |
CVE-2012-10020 | Critical | 9.8 | 2025-07-22 | The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and… |
CVE-2012-10019 | Critical | 9.8 | 2025-07-19 | The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions befor… |
CVE-2012-5872 | Critical | 9.8 | 2023-04-26 | ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause. |
CVE-2012-2666 | Critical | 9.8 | 2021-07-09 | golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and execute… |
CVE-2012-10001 | Critical | 9.8 | 2021-01-06 | The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to condu… |
CVE-2012-0828 | Critical | 9.8 | 2020-02-21 | Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service… |
CVE-2012-1124 | Critical | 9.8 | 2020-02-11 | SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms paramete… |
CVE-2012-6611 | Critical | 9.8 | 2020-02-10 | An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.1… |
CVE-2012-6306 | Critical | 9.8 | 2020-02-06 | A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF file. |
CVE-2012-5686 | Critical | 9.8 | 2020-02-04 | ZPanel 10.0.1 has insufficient entropy for its password reset process. |
CVE-2012-5618 | Critical | 9.8 | 2020-02-04 | Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. |
CVE-2012-1495 | Critical | 9.8 | 2020-01-27 | install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. |