CVEs from 2018
Total
2,860
critical
critical 238
high
high 329
medium
medium 260
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- mitel 8
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12376 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to … | |||
| CVE-2018-6156 | critical | — | 9.5 | — | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | |||
| CVE-2018-18503 | critical | — | 9.5 | — | When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < … | |||
| CVE-2018-6102 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-17474 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6116 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6089 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-11354 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. | |||
| CVE-2018-17467 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5163 | critical | — | 9.5 | — | If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode… | |||
| CVE-2018-11359 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | |||
| CVE-2018-6099 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5183 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-1000085 | critical | — | 9.5 | — | ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit cha… | |||
| CVE-2018-6091 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6093 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6094 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6110 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6096 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12359 | critical | — | 9.5 | — | A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundari… | |||
| CVE-2018-6101 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5125 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… | |||
| CVE-2018-12358 | critical | — | 9.5 | — | Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability … | |||
| CVE-2018-17475 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12360 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulne… | |||
| CVE-2018-1057 | critical | — | 9.5 | — | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' … | |||
| CVE-2018-5181 | critical | — | 9.5 | — | If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to p… | |||
| CVE-2018-12361 | critical | — | 9.5 | — | An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which resul… | |||
| CVE-2018-18504 | critical | — | 9.5 | — | A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possi… | |||
| CVE-2018-12367 | critical | — | 9.5 | — | In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTimi… | |||
| CVE-2018-0202 | critical | — | 9.5 | — | clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is… | |||
| CVE-2018-12362 | critical | — | 9.5 | — | An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects … | |||
| CVE-2018-5160 | critical | — | 9.5 | — | WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a pot… | |||
| CVE-2018-6098 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18354 | critical | — | 9.5 | — | Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page. | |||
| CVE-2018-5167 | critical | — | 9.5 | — | The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be … | |||
| CVE-2018-5172 | critical | — | 9.5 | — | The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site… | |||
| CVE-2018-5173 | critical | — | 9.5 | — | The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially exe… | |||
| CVE-2018-5175 | critical | — | 9.5 | — | A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could i… | |||
| CVE-2018-5176 | critical | — | 9.5 | — | The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" link… | |||
| CVE-2018-5180 | critical | — | 9.5 | — | A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief… | |||
| CVE-2018-12378 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploita… | |||
| CVE-2018-5186 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… | |||
| CVE-2018-5187 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to ru… | |||
| CVE-2018-5188 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could… | |||
| CVE-2018-12371 | critical | — | 9.5 | — | An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting i… | |||
| CVE-2018-6090 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12373 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-18359 | critical | — | 9.5 | — | Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||
| CVE-2018-12372 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-19876 | critical | — | 9.5 | — | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid… | |||
| CVE-2018-5147 | critical | — | 9.5 | — | The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firef… | |||
| CVE-2018-6086 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12407 | critical | — | 9.5 | — | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially explo… | |||
| CVE-2018-18640 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-6109 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18645 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-18648 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-12389 | critical | — | 9.5 | — | arbitrary code execution in thunderbird | |||
| CVE-2018-12383 | critical | — | 9.5 | — | If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… | |||
| CVE-2018-12377 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exp… | |||
| CVE-2018-5162 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-19625 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. | |||
| CVE-2018-19622 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. | |||
| CVE-2018-11360 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu… | |||
| CVE-2018-11358 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre… | |||
| CVE-2018-11357 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | |||
| CVE-2018-11355 | critical | — | 9.5 | — | In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. | |||
| CVE-2018-11356 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in … | |||
| CVE-2018-19623 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. T… | |||
| CVE-2018-18641 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-6105 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6112 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-1000222 | critical | — | 9.5 | — | Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted … | |||
| CVE-2018-6087 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6088 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12397 | critical | — | 9.5 | — | A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to … | |||
| CVE-2018-12398 | critical | — | 9.5 | — | By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63. | |||
| CVE-2018-12386 | critical | — | 9.5 | — | A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… | |||
| CVE-2018-12390 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |||
| CVE-2018-18340 | critical | — | 9.5 | — | Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-5144 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-1000300 | critical | — | 9.5 | — | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based me… | |||
| CVE-2018-18345 | critical | — | 9.5 | — | Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a … | |||
| CVE-2018-5155 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, … | |||
| CVE-2018-5764 | critical | — | 9.5 | — | The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection me… | |||
| CVE-2018-17477 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18348 | critical | — | 9.5 | — | Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a c… | |||
| CVE-2018-6114 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12395 | critical | — | 9.5 | — | By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are o… | |||
| CVE-2018-17469 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-10529 | critical | — | 9.5 | — | An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. | |||
| CVE-2018-18342 | critical | — | 9.5 | — | Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker t… | |||
| CVE-2018-18338 | critical | — | 9.5 | — | Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-18352 | critical | — | 9.5 | — | Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a cr… | |||
| CVE-2018-17465 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5166 | critical | — | 9.5 | — | WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have exp… | |||
| CVE-2018-5150 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of the… | |||
| CVE-2018-5154 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < … | |||
| CVE-2018-5182 | critical | — | 9.5 | — | If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy a… |