CVEs from 2018

2,853 normalized CVEs published or assigned in this year.

Total
2,853
critical
critical 238
high
high 331
medium
medium 263
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%

Top products

  • core_i7 379
  • core_i5 375
  • core_i3 242
  • xeon_e5 82
  • xeon_e7 62
  • xeon_e3 58
  • xeon_gold 33
  • atom_z 30
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2018-20457 unknown In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an ar…
CVE-2018-20458 unknown In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a…
CVE-2018-20459 unknown In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembl…
CVE-2018-20461 unknown In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.
CVE-2018-8808 unknown In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex …
CVE-2018-8809 unknown In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex …
CVE-2018-8810 unknown In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a craf…
CVE-2018-20066 unknown Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-20070 unknown Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2018-20073 unknown Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem.
CVE-2018-14612 unknown An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group m…
CVE-2018-11712 unknown WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification…
CVE-2018-4201 unknown An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected…
CVE-2018-4213 unknown In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This is…
CVE-2018-4214 unknown An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected…
CVE-2018-4232 unknown An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected…
CVE-2018-4246 unknown An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected…
CVE-2018-4311 unknown The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-4261 unknown Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windo…
CVE-2018-4263 unknown Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windo…
CVE-2018-4262 unknown In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory ha…
CVE-2018-15919 unknown Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states …
CVE-2018-4264 unknown Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, i…
CVE-2018-4265 unknown Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windo…
CVE-2018-4266 unknown A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iClo…
CVE-2018-4316 unknown A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-4319 unknown A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for…
CVE-2018-20067 unknown A renderer initiated back navigation was incorrectly allowed to cancel a browser initiated one in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to confuse the user about…
CVE-2018-20069 unknown Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page …
CVE-2018-20068 unknown Incorrect handling of 304 status codes in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page.
CVE-2018-20072 unknown Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low)
CVE-2018-10883 unknown A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operati…
CVE-2018-1092 unknown The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (e…
CVE-2018-1093 unknown The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 ima…
CVE-2018-1108 unknown kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for th…
CVE-2018-11987 unknown In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in w…
CVE-2018-18281 unknown Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the…
CVE-2018-18653 unknown The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loadin…
CVE-2018-19407 unknown The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that…
CVE-2018-20449 unknown The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
CVE-2018-20510 unknown The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines …
CVE-2018-9363 unknown In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exp…
CVE-2018-9517 unknown In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not nee…
CVE-2018-9518 unknown In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privilege…
CVE-2018-9568 unknown In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interact…
CVE-2018-19974 unknown In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (no…
CVE-2018-19975 unknown In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
CVE-2018-12565 unknown An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur.
CVE-2018-12563 unknown An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavas…
CVE-2018-12564 unknown An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on…
CVE-2018-12040 unknown Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _pro…
CVE-2018-14618 unknown curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to fig…
CVE-2018-16435 unknown Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafte…
CVE-2018-19052 unknown An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_…
CVE-2018-4209 unknown In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This is…
CVE-2018-4212 unknown In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This is…
CVE-2018-5107 unknown The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbit…
CVE-2018-5101 unknown A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
CVE-2018-5105 unknown WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consen…
CVE-2018-5106 unknown Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor…
CVE-2018-5110 unknown If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. Note: This vulnerability only affect…
CVE-2018-5114 unknown If an existing cookie is changed to be "HttpOnly" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the chan…
CVE-2018-5115 unknown If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the rea…
CVE-2018-5116 unknown WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins…
CVE-2018-5126 unknown Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c…
CVE-2018-5103 unknown A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird <…
CVE-2018-16846 unknown It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.
CVE-2018-5174 unknown In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potential…
CVE-2018-11806 unknown m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2018-12608 unknown 2y ago An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows sy…
CVE-2018-25068 unknown 4y ago globalpom-utils has Insecure Temporary File
CVE-2018-18855 unknown 4y ago Uncontrolled Resource Consumption in Spray JSON
CVE-2018-10899 unknown 4y ago Cross-Site Request Forgery in Jolokia
CVE-2018-17196 unknown 4y ago Improper Input Validation in Apache Kafka
CVE-2018-1000010 unknown 4y ago XXE vulnerability in Jenkins DRY Plugin
CVE-2018-1000008 unknown 4y ago XXE vulnerability in Jenkins PMD Plugin
CVE-2018-1000009 unknown 4y ago XXE vulnerability in Jenkins Checkstyle Plugin
CVE-2018-1000011 unknown 4y ago XML External Entity Reference in Jenkins FindBugs Plugin
CVE-2018-1000014 unknown 4y ago CSRF vulnerability in Jenkins Translation Assistance plugin
CVE-2018-1000013 unknown 4y ago CSRF vulnerability in Jenkins Release plugin
CVE-2018-1000012 unknown 4y ago XXE vulnerability Jenkins Warnings Plugin
CVE-2018-1192 unknown 4y ago Cloud Foundry UAA SessionID present in Audit Event Logs
CVE-2018-1000056 unknown 4y ago Improper Restriction of XML External Entity Reference in Jenkins JUnit Plugin
CVE-2018-1000055 unknown 4y ago XXE vulnerability in Jenkins Android Lint Plugin
CVE-2018-1000058 unknown 4y ago Arbitrary code execution due to incomplete sandbox protection in Pipeline: Supporting APIs Plugin
CVE-2018-1000054 unknown 4y ago Jenkins CCM Plugin vulnerable to Improper Restriction of XML External Entity Reference
CVE-2018-1316 unknown 4y ago Apache ODE Path Traversal vulnerability
CVE-2018-1000108 unknown 4y ago Reflected cross-site-scripting vulnerability in report URL of Jenkins CppNCSS Plugin
CVE-2018-1000113 unknown 4y ago Stored cross-site scripting vulnerability in Jenkins TestLink Plugin
CVE-2018-1000144 unknown 4y ago Jenkins Cucumber Living Documentation Plugin Cross-site Scripting vulnerability
CVE-2018-1000151 unknown 4y ago Jenkins vSphere Plugin disables SSL/TLS certificate validation by default
CVE-2018-1000150 unknown 4y ago Jenkins Reverse Proxy Auth Plugin allows attackers with local file system access to obtain a list of authorities for logged in users
CVE-2018-1000147 unknown 4y ago Jenkins Perforce Plugin exposure of sensitive information vulnerability exists
CVE-2018-1000142 unknown 4y ago Jenkins GitHub Pull Request Builder Plugin allows attacker with local file system access to obtain GitHub credentials
CVE-2018-1000143 unknown 4y ago Jenkins GitHub Pull Request Builder Plugin
CVE-2018-1000148 unknown 4y ago Jenkins Copy To Slave Plugin allows access to arbitrary files on the Jenkins controller file system
CVE-2018-1000153 unknown 4y ago Jenkins vSphere Plugin Cross-Site Request Forgery vulnerability
CVE-2018-1000173 unknown 4y ago Jenkins Google Login Plugin Session Fixation vulnerability
CVE-2018-1000174 unknown 4y ago Jenkins Google Login Plugin Open Redirect vulnerability
CVE-2018-1000175 unknown 4y ago Jenkins HTML Publisher Plugin path traversal vulnerability