CVEs from 2018
Total
2,856
critical
critical 238
high
high 331
medium
medium 263
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- arm 9
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11039 | unknown | — | — | 8y ago | Spring Framework Cross Site Tracing (XST) | |||
| CVE-2018-8008 | unknown | — | — | 8y ago | ZipSlip in org.apache.storm:storm-core | |||
| CVE-2018-1000632 | unknown | — | — | 8y ago | Dom4j contains a XML Injection vulnerability | |||
| CVE-2018-1000807 | unknown | — | — | 8y ago | Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possibl… | |||
| CVE-2018-1000808 | unknown | — | — | 8y ago | Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denia… | |||
| CVE-2018-14041 | unknown | — | — | 8y ago | Bootstrap Cross-site Scripting vulnerability | |||
| CVE-2018-25025 | unknown | — | — | 8y ago | Multiple memory safety issues | |||
| CVE-2018-25026 | unknown | — | — | 8y ago | Multiple memory safety issues | |||
| CVE-2018-25024 | unknown | — | — | 8y ago | Multiple memory safety issues | |||
| CVE-2018-20997 | unknown | — | — | 8y ago | An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. |