CVEs from 2018
Total
2,842
critical
critical 238
high
high 331
medium
medium 263
low
low 39
% Critical
8.4%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- arm 9
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-10892 | unknown | — | — | — | The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disa… | |||
| CVE-2018-25008 | unknown | — | — | — | In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. | |||
| CVE-2018-1000810 | unknown | — | — | — | The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard lib… | |||
| CVE-2018-14663 | unknown | — | — | — | An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record wh… | |||
| CVE-2018-5247 | unknown | — | — | — | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. | |||
| CVE-2018-5344 | unknown | — | — | — | In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have uns… | |||
| CVE-2018-6307 | unknown | — | — | — | LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution. | |||
| CVE-2018-5101 | unknown | — | — | — | A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58. | |||
| CVE-2018-5107 | unknown | — | — | — | The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbit… | |||
| CVE-2018-20750 | unknown | — | — | — | LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | |||
| CVE-2018-16646 | unknown | — | — | — | In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. | |||
| CVE-2018-5814 | unknown | — | — | — | In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-afte… | |||
| CVE-2018-5995 | unknown | — | — | — | The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call. | |||
| CVE-2018-10768 | unknown | — | — | — | There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Late… | |||
| CVE-2018-19058 | unknown | — | — | — | An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded … | |||
| CVE-2018-6532 | unknown | — | — | — | An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering … | |||
| CVE-2018-6534 | unknown | — | — | — | An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted messages, an attacker can cause a NULL pointer dereference, which can cause the product to crash. | |||
| CVE-2018-6536 | unknown | — | — | — | An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes … | |||
| CVE-2018-13988 | unknown | — | — | — | Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corr… | |||
| CVE-2018-6554 | unknown | — | — | — | Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory con… | |||
| CVE-2018-6559 | unknown | — | — | — | The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user … | |||
| CVE-2018-7566 | unknown | — | — | — | The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | |||
| CVE-2018-7858 | unknown | — | — | — | Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash)… | |||
| CVE-2018-6535 | unknown | — | — | — | An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker. | |||
| CVE-2018-8019 | unknown | — | — | — | When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly ident… | |||
| CVE-2018-4210 | unknown | — | — | — | In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This … | |||
| CVE-2018-5109 | unknown | — | — | — | An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, lea… | |||
| CVE-2018-1139 | unknown | — | — | — | A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to re… | |||
| CVE-2018-5104 | unknown | — | — | — | A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbi… | |||
| CVE-2018-5092 | unknown | — | — | — | A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerabil… | |||
| CVE-2018-20749 | unknown | — | — | — | LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | |||
| CVE-2018-5148 | unknown | — | — | — | A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable … | |||
| CVE-2018-16542 | unknown | — | — | — | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | |||
| CVE-2018-19478 | unknown | — | — | — | In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. | |||
| CVE-2018-4372 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Window… | |||
| CVE-2018-4270 | unknown | — | — | — | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for… | |||
| CVE-2018-18954 | unknown | — | — | — | The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. | |||
| CVE-2018-5098 | unknown | — | — | — | A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects… | |||
| CVE-2018-18510 | unknown | — | — | — | The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persist… | |||
| CVE-2018-1140 | unknown | — | — | — | A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used a… | |||
| CVE-2018-15911 | unknown | — | — | — | In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially exec… | |||
| CVE-2018-5103 | unknown | — | — | — | A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird <… | |||
| CVE-2018-10839 | unknown | — | — | — | Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the netw… | |||
| CVE-2018-16847 | unknown | — | — | — | An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to cras… | |||
| CVE-2018-16872 | unknown | — | — | — | A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the… | |||
| CVE-2018-18849 | unknown | — | — | — | In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. | |||
| CVE-2018-17963 | unknown | — | — | — | qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | |||
| CVE-2018-5683 | unknown | — | — | — | The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | |||
| CVE-2018-18438 | unknown | — | — | — | Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. | |||
| CVE-2018-19489 | unknown | — | — | — | v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. | |||
| CVE-2018-19665 | unknown | — | — | — | The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. | |||
| CVE-2018-7550 | unknown | — | — | — | The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss… | |||
| CVE-2018-20126 | unknown | — | — | — | hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | |||
| CVE-2018-20216 | unknown | — | — | — | QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). | |||
| CVE-2018-12608 | unknown | — | — | 2y ago | An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows sy… | |||
| CVE-2018-25068 | unknown | — | — | 4y ago | globalpom-utils has Insecure Temporary File | |||
| CVE-2018-18855 | unknown | — | — | 4y ago | Uncontrolled Resource Consumption in Spray JSON | |||
| CVE-2018-10899 | unknown | — | — | 4y ago | Cross-Site Request Forgery in Jolokia | |||
| CVE-2018-17196 | unknown | — | — | 4y ago | Improper Input Validation in Apache Kafka | |||
| CVE-2018-1000009 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins Checkstyle Plugin | |||
| CVE-2018-1000008 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins PMD Plugin | |||
| CVE-2018-1000010 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins DRY Plugin | |||
| CVE-2018-1000011 | unknown | — | — | 4y ago | XML External Entity Reference in Jenkins FindBugs Plugin | |||
| CVE-2018-1000012 | unknown | — | — | 4y ago | XXE vulnerability Jenkins Warnings Plugin | |||
| CVE-2018-1000014 | unknown | — | — | 4y ago | CSRF vulnerability in Jenkins Translation Assistance plugin | |||
| CVE-2018-1000013 | unknown | — | — | 4y ago | CSRF vulnerability in Jenkins Release plugin | |||
| CVE-2018-1192 | unknown | — | — | 4y ago | Cloud Foundry UAA SessionID present in Audit Event Logs | |||
| CVE-2018-1000056 | unknown | — | — | 4y ago | Improper Restriction of XML External Entity Reference in Jenkins JUnit Plugin | |||
| CVE-2018-1000055 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins Android Lint Plugin | |||
| CVE-2018-1000058 | unknown | — | — | 4y ago | Arbitrary code execution due to incomplete sandbox protection in Pipeline: Supporting APIs Plugin | |||
| CVE-2018-1000054 | unknown | — | — | 4y ago | Jenkins CCM Plugin vulnerable to Improper Restriction of XML External Entity Reference | |||
| CVE-2018-1316 | unknown | — | — | 4y ago | Apache ODE Path Traversal vulnerability | |||
| CVE-2018-1000113 | unknown | — | — | 4y ago | Stored cross-site scripting vulnerability in Jenkins TestLink Plugin | |||
| CVE-2018-1000108 | unknown | — | — | 4y ago | Reflected cross-site-scripting vulnerability in report URL of Jenkins CppNCSS Plugin | |||
| CVE-2018-1000144 | unknown | — | — | 4y ago | Jenkins Cucumber Living Documentation Plugin Cross-site Scripting vulnerability | |||
| CVE-2018-1000151 | unknown | — | — | 4y ago | Jenkins vSphere Plugin disables SSL/TLS certificate validation by default | |||
| CVE-2018-1000150 | unknown | — | — | 4y ago | Jenkins Reverse Proxy Auth Plugin allows attackers with local file system access to obtain a list of authorities for logged in users | |||
| CVE-2018-1000147 | unknown | — | — | 4y ago | Jenkins Perforce Plugin exposure of sensitive information vulnerability exists | |||
| CVE-2018-1000142 | unknown | — | — | 4y ago | Jenkins GitHub Pull Request Builder Plugin allows attacker with local file system access to obtain GitHub credentials | |||
| CVE-2018-1000143 | unknown | — | — | 4y ago | Jenkins GitHub Pull Request Builder Plugin | |||
| CVE-2018-1000148 | unknown | — | — | 4y ago | Jenkins Copy To Slave Plugin allows access to arbitrary files on the Jenkins controller file system | |||
| CVE-2018-1000153 | unknown | — | — | 4y ago | Jenkins vSphere Plugin Cross-Site Request Forgery vulnerability | |||
| CVE-2018-1000173 | unknown | — | — | 4y ago | Jenkins Google Login Plugin Session Fixation vulnerability | |||
| CVE-2018-1000174 | unknown | — | — | 4y ago | Jenkins Google Login Plugin Open Redirect vulnerability | |||
| CVE-2018-1000176 | unknown | — | — | 4y ago | Jenkins Email Extension Plugin showed plain text SMTP password in configuration form field | |||
| CVE-2018-1000175 | unknown | — | — | 4y ago | Jenkins HTML Publisher Plugin path traversal vulnerability | |||
| CVE-2018-1000177 | unknown | — | — | 4y ago | Stored XSS vulnerability in Jenkins S3 Publisher Plugin | |||
| CVE-2018-1310 | unknown | — | — | 4y ago | Apache NiFi JMS Deserialization issue | |||
| CVE-2018-1309 | unknown | — | — | 4y ago | Improper Restriction of XML External Entity Reference in Apache NiFi | |||
| CVE-2018-11651 | unknown | — | — | 4y ago | Cross-site Scripting in Graylog | |||
| CVE-2018-11650 | unknown | — | — | 4y ago | Cross-site Scripting in Graylog Server | |||
| CVE-2018-1000182 | unknown | — | — | 4y ago | Server-Side Request Forgery in Jenkins Git Plugin | |||
| CVE-2018-1000184 | unknown | — | — | 4y ago | Jenkins GitHub Plugin server-side request forgery vulnerability exists | |||
| CVE-2018-1000186 | unknown | — | — | 4y ago | Jenkins GitHub Pull Request Builder Plugin credential capture vulnerability | |||
| CVE-2018-1000188 | unknown | — | — | 4y ago | Jenkins CAS Plugin Server-Side Request Forgery vulnerability | |||
| CVE-2018-1000187 | unknown | — | — | 4y ago | Exposure of Sensitive Information in Jenkins Kubernetes Plugin | |||
| CVE-2018-1000185 | unknown | — | — | 4y ago | Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery | |||
| CVE-2018-1000183 | unknown | — | — | 4y ago | Jenkins GitHub Plugin exposure of sensitive information vulnerability exists | |||
| CVE-2018-1000202 | unknown | — | — | 4y ago | Jenkins Groovy Postbuild Plugin vulnerable to Cross-site Scripting | |||
| CVE-2018-1000196 | unknown | — | — | 4y ago | Jenkins Gitlab Hook Plugin stores and displays GitLab API token in plain text |