CVEs from 2018
Total
2,887
critical
critical 238
high
high 329
medium
medium 259
low
low 39
% Critical
8.2%
% with KEV
3.1%
% with exploit
9.0%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- mitel 8
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12397 | critical | — | 9.5 | — | A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to … | |||
| CVE-2018-6101 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18500 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a pote… | |||
| CVE-2018-12399 | critical | — | 9.5 | — | When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approvin… | |||
| CVE-2018-12403 | critical | — | 9.5 | — | If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63. | |||
| CVE-2018-11354 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. | |||
| CVE-2018-12405 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |||
| CVE-2018-11233 | critical | — | 9.5 | — | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. | |||
| CVE-2018-18346 | critical | — | 9.5 | — | Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page. | |||
| CVE-2018-5156 | critical | — | 9.5 | — | A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potent… | |||
| CVE-2018-11235 | critical | — | 9.5 | — | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project… | |||
| CVE-2018-17468 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18493 | critical | — | 9.5 | — | A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in … | |||
| CVE-2018-18643 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-12389 | critical | — | 9.5 | — | arbitrary code execution in thunderbird | |||
| CVE-2018-5178 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-12369 | critical | — | 9.5 | — | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… | |||
| CVE-2018-5176 | critical | — | 9.5 | — | The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" link… | |||
| CVE-2018-19876 | critical | — | 9.5 | — | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid… | |||
| CVE-2018-5162 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-19626 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. | |||
| CVE-2018-11356 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in … | |||
| CVE-2018-5127 | critical | — | 9.5 | — | A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR… | |||
| CVE-2018-1000300 | critical | — | 9.5 | — | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based me… | |||
| CVE-2018-6118 | critical | — | 9.5 | — | arbitrary code execution in chromium | |||
| CVE-2018-6106 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18502 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |||
| CVE-2018-18640 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-18503 | critical | — | 9.5 | — | When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < … | |||
| CVE-2018-6099 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18505 | critical | — | 9.5 | — | An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This … | |||
| CVE-2018-6109 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5158 | critical | — | 9.5 | 4y ago | The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permis… | |||
| CVE-2018-11212 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-12549 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-12547 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-18509 | critical | — | 9.5 | 7y ago | multiple issues in thunderbird | |||
| CVE-2018-18506 | critical | — | 9.5 | 7y ago | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to … | |||
| CVE-2018-10895 | critical | — | 9.5 | 8y ago | qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/s… | |||
| CVE-2018-0492 | high | — | 9.0 | — | Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. | |||
| CVE-2018-1000001 | high | — | 9.0 | — | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | |||
| CVE-2018-14912 | high | — | 9.0 | — | cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. | |||
| CVE-2018-11529 | high | — | 9.0 | — | VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result i… | |||
| CVE-2018-6126 | high | — | 9.0 | — | A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||
| CVE-2018-17961 | high | — | 9.0 | — | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2… | |||
| CVE-2018-10900 | high | — | 9.0 | — | Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into … | |||
| CVE-2018-18065 | high | — | 9.0 | — | _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted… | |||
| CVE-2018-18557 | high | — | 9.0 | — | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) de… | |||
| CVE-2018-7254 | high | — | 9.0 | — | The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or in… | |||
| CVE-2018-14665 | high | — | 9.0 | — | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in… | |||
| CVE-2018-5702 | high | — | 9.0 | — | Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and cons… | |||
| CVE-2018-1120 | high | — | 9.0 | — | A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can ca… | |||
| CVE-2018-1000115 | high | — | 9.0 | — | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial … | |||
| CVE-2018-1121 | high | — | 9.0 | — | procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can us… | |||
| CVE-2018-17182 | high | — | 9.0 | — | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possib… | |||
| CVE-2018-7182 | high | — | 9.0 | — | The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 t… | |||
| CVE-2018-17456 | high | — | 9.0 | — | Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git … | |||
| CVE-2018-8897 | high | — | 9.0 | — | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, result… | |||
| CVE-2018-16858 | high | — | 9.0 | — | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could… | |||
| CVE-2018-1999002 | high | — | 9.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2018-13405 | high | — | 9.0 | 4y ago | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certai… | |||
| CVE-2018-11784 | high | — | 9.0 | 8y ago | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/f… | |||
| CVE-2018-25409 | high | 8.8 | 8.8 | 5d ago | SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by submitting PHP code through the fupload parameter. Attackers can upload … | |||
| CVE-2018-25388 | high | 8.8 | 8.8 | 6d ago | HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through mu… | |||
| CVE-2018-25353 | high | 8.8 | 8.8 | 12d ago | Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accou… | |||
| CVE-2018-25308 | high | 8.8 | 8.8 | 1mo ago | BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack… | |||
| CVE-2018-3885 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by para… | |||
| CVE-2018-3884 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and s… | |||
| CVE-2018-3883 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and … | |||
| CVE-2018-3882 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield p… | |||
| CVE-2018-17924 | high | 8.6 | 8.6 | 8y ago | Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upo… | |||
| CVE-2018-25432 | high | 8.4 | 8.4 | 2d ago | Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input fi… | |||
| CVE-2018-25383 | high | 8.4 | 8.4 | 6d ago | Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation.… | |||
| CVE-2018-25377 | high | 8.4 | 8.4 | 10d ago | Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception ha… | |||
| CVE-2018-25376 | high | 8.4 | 8.4 | 10d ago | Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling… | |||
| CVE-2018-25375 | high | 8.4 | 8.4 | 10d ago | SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception ha… | |||
| CVE-2018-25366 | high | 8.4 | 8.4 | 10d ago | CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p… | |||
| CVE-2018-25360 | high | 8.4 | 8.4 | 10d ago | AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured ex… | |||
| CVE-2018-25359 | high | 8.4 | 8.4 | 10d ago | Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can … | |||
| CVE-2018-25373 | high | 8.4 | 8.4 | 10d ago | SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting … | |||
| CVE-2018-25356 | high | 8.4 | 8.4 | 12d ago | SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can tri… | |||
| CVE-2018-25345 | high | 8.4 | 8.4 | 12d ago | 10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft… | |||
| CVE-2018-25344 | high | 8.4 | 8.4 | 12d ago | 10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering … | |||
| CVE-2018-25355 | high | 8.4 | 8.4 | 12d ago | Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious … | |||
| CVE-2018-25328 | high | 8.4 | 8.4 | 18d ago | VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craf… | |||
| CVE-2018-25323 | high | 8.4 | 8.4 | 18d ago | Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payl… | |||
| CVE-2018-25322 | high | 8.4 | 8.4 | 18d ago | Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can… | |||
| CVE-2018-25315 | high | 8.4 | 8.4 | 1mo ago | Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can… | |||
| CVE-2018-25314 | high | 8.4 | 8.4 | 1mo ago | Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Na… | |||
| CVE-2018-25307 | high | 8.4 | 8.4 | 1mo ago | SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key… | |||
| CVE-2018-25304 | high | 8.4 | 8.4 | 1mo ago | Free Download Manager 2.0 Build 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita… | |||
| CVE-2018-25303 | high | 8.4 | 8.4 | 1mo ago | Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exce… | |||
| CVE-2018-25301 | high | 8.4 | 8.4 | 1mo ago | Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious userna… | |||
| CVE-2018-25299 | high | 8.4 | 8.4 | 1mo ago | Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malici… | |||
| CVE-2018-25222 | high | 8.4 | 8.4 | 2mo ago | SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft ma… | |||
| CVE-2018-25434 | high | 8.2 | 8.2 | 2d ago | WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpas_keys parameter. Attacke… | |||
| CVE-2018-25433 | high | 8.2 | 8.2 | 2d ago | Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categor… | |||
| CVE-2018-25428 | high | 8.2 | 8.2 | 2d ago | Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers… | |||
| CVE-2018-25425 | high | 8.2 | 8.2 | 5d ago | Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers … | |||
| CVE-2018-25424 | high | 8.2 | 8.2 | 5d ago | Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters.… |