CVE Tools
Sign in
month report

January 2012

Data as of Jun 4, 2026, 13:25 UTCSnapshot v1 Sources NVD+CISA KEV+EPSS+Nuclei templates Methodology →

January 2012 closed with 316 published CVEs-20.4% YoY . 39 criticals, oracle led volume, mostly via mysql. Biggest breakout: openssl at ×8.0 their 12-month median. Top weakness class — CWE-79 (42 CVE). 10 vendors cracked the top-100 for the first time.

Print view
Total CVEs
316
— MoM-20.4% YoY
Severity mix
39 / 38
critical / high
KEV added
0
0 ransomware-linked
Nuclei coverage
2.8%
9 CVEs with templates

Time to exploit

How fast the community ships detection after a CVE drops.

Days → Nuclei (median)
5159.2
n=9
Within 7 days
0.0%
Within 30 days
0.0%
Days → KEV (median)
3666
n=1
Weakness × Vendor

What's spreading where in January 2012

Cells shaded by share of vendor's hottest weakness. Click any cell to open the CWE history.

79XSS264CWE-264119Memory Buffer Bounds200Information Exposure399CWE-39920Improper Input Validation89SQL Injection94Code Injection22Path Traversal287Improper Authenticationoraclemysqlapache412121ibm42111sitracker3232maven312121google11linux3211microsoft11openssl5sunredhat111

Breakout vendors

CVE count ≥3× their own 12-period median.

First time in top-100

Vendors never in top-100 in the prior 24 periods.

Top vendors

Ranked by distinct CVE count this period.

  • 1oracle
    66 CVECVSS 4.0
    mysql (27) · fusion middleware (9) · jd edwards enterpriseone tools (8)
  • 2mysql
    17 CVECVSS 3.9
    mysql (17)
  • 3apache
    16 CVE1 critCVSS 5.3
    KEV 1Nuclei 2PoC 6
    tomcat (7) · struts (5) · http server (3)
  • 4ibm
    15 CVE6 critCVSS 6.7
    websphere application server (6) · spss dimensions (2) · spss data collection (2)
  • 5sitracker
    15 CVECVSS 5.9
    NEWPoC 7
    support incident tracker (15)
  • 6maven
    13 CVE1 critCVSS 6.1
    KEV 1Nuclei 2PoC 5
    org.apache.tomcat:tomcat (7) · org.apache.struts.xwork:xwork-core (4) · org.apache.struts:struts2-core (3)
  • 7google
    11 CVE2 critCVSS 7.8
    chrome (8) · android (2) · chrome os (1)
  • 8linux
    8 CVECVSS 4.3
    PoC 2
    linux kernel (8)
  • 9microsoft
    8 CVE5 critCVSS 8.6
    windows server 2008 (6) · windows xp (6) · windows server 2003 (6)
  • 10openssl
    8 CVE1 critCVSS 5.5
    ×8.0
    openssl (8)
  • 11sun
    8 CVECVSS 4.3
    sunos (8)
  • 12gentoo foundation inc.
    7 CVECVSS 5.2
    gentoo linux (7)
  • 13redhat
    7 CVECVSS 5.3
    enterprise linux workstation (3) · enterprise linux desktop (3) · enterprise linux server (3)
  • 14hp
    6 CVE4 critCVSS 8.7
    easy printer care software (2) · storageworks p2000 g3 msa fc\/iscsi dual combo controller lff array system (1) · diagnostics (1)
  • 15novell inc.
    6 CVECVSS 5.0
    opensuse (4) · suse linux enterprise (2)
  • 16siemens
    6 CVE1 critCVSS 6.3
    NEW
    automation license manager (4) · tecnomatix factorylink (2)
  • 17adobe
    5 CVE3 critCVSS 8.8
    acrobat (5) · reader (5)
  • 18debian
    5 CVECVSS 5.3
    debian linux (5)
  • 19wordpress
    5 CVECVSS 4.9
    NEW×5.0Nuclei 1PoC 4
    wordpress (5)
  • 20apache software foundation
    4 CVE1 critCVSS 7.0
    KEV 1Nuclei 1PoC 4
    struts (4)
  • 21apple
    4 CVECVSS 7.5
    iphone os (4) · safari (3) · itunes (2)
  • 22mozilla
    4 CVECVSS 6.2
    PoC 1
    bugzilla (4)
  • 23openssl software foundation
    4 CVECVSS 4.8
    ×4.0
    openssl (4)
  • 24splunk
    4 CVE1 critCVSS 5.5
    PoC 3
    splunk (4)
  • 25suse
    4 CVECVSS 4.6
    PoC 1
    linux enterprise server (4) · linux enterprise software development kit (2)
  • 26tencent
    4 CVECVSS 5.8
    NEW
    microblogpad (1) · mobileqq (1) · qqpimsecure (1)
  • 27сообщество свободного программного обеспечения
    4 CVECVSS 5.3
    PoC 1
    debian gnu/linux (4) · encode module (1) · perl (1)
  • 28flexerasoftware
    3 CVE2 critCVSS 7.4
    NEW
    flexnet publisher (2) · installshield (1)
  • 29hitachi
    3 CVE1 critCVSS 7.7
    it operations director (1) · cobol2002 net server suite (1) · cobol2002 net client suite (1)
  • 30ibm corp.
    3 CVECVSS 6.1
    Nuclei 1PoC 3
    ibm call center for commerce (3)
  • 31maradns
    3 CVECVSS 5.0
    NEW×3.0
    maradns (3)
  • 32schneider electric
    3 CVE1 critCVSS 7.8
    NEW
    modicon m340 (3)
  • 33schneider-electric
    3 CVE1 critCVSS 7.8
    NEW
    modicon quantum plc (3)
  • 34stone-ware
    3 CVECVSS 6.2
    NEW
    webnetwork (3)
  • 35360
    2 CVECVSS 5.8
    NEW
    kouxin (1) · mobilesafe (1)
  • 36cisco
    2 CVE2 critCVSS 9.7
    digital media manager (1) · ip video phone e20 (1) · telepresence e20 software (1)
  • 37cogentdatahub
    2 CVECVSS 5.0
    NEW
    cascade datahub (2) · cogent datahub (2) · opc datahub (2)
  • 38e107
    2 CVECVSS 4.7
    e107 (2)
  • 39emc
    2 CVE1 critCVSS 5.7
    networker (1) · sourceone email management (1)
  • 40gnu
    2 CVE1 critCVSS 6.8
    emacs (1) · gnutls (1)
  • 41horde
    2 CVECVSS 4.3
    groupware webmail edition (2) · dynamic imp (1) · imp (1)
  • 42mediawiki
    2 CVECVSS 5.0
    mediawiki (2)
  • 43ntrglobal
    2 CVE2 critCVSS 9.3
    NEWPoC 2
    ntr activex control (2)
  • 44opensuse
    2 CVECVSS 4.5
    opensuse (2)
  • 45oscommerce
    2 CVECVSS 4.3
    NEW
    oscommerce (2) · online merchant (1)
  • 46packagist
    2 CVECVSS 4.3
    phpmyadmin/phpmyadmin (2)
  • 47pfsense
    2 CVECVSS 5.9
    NEW
    pfsense (2)
  • 48php
    2 CVECVSS 5.0
    PoC 2
    php (2)
  • 49phpmyadmin
    2 CVECVSS 4.3
    phpmyadmin (2)
  • 50red hat inc.
    2 CVECVSS 4.7
    PoC 1
    red hat enterprise linux (2)

Top weaknesses

CWE classes by distinct CVE count.

1CWE-7942
2CWE-26435
3CWE-11919
4CWE-20016
5CWE-39913
6CWE-2011
7CWE-8911
8CWE-9411
9CWE-229
10CWE-2877
11CWE-7877
12CWE-3106
13CWE-3526
14CWE-1895
15CWE-4164
16CWE-2552
17CWE-4002
18CWE-1901
19CWE-2761
20CWE-591