CVEs from 2018
Total
2,860
critical
critical 238
high
high 329
medium
medium 260
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- mitel 8
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6088 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-1000222 | critical | — | 9.5 | — | Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted … | |||
| CVE-2018-6156 | critical | — | 9.5 | — | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | |||
| CVE-2018-5152 | critical | — | 9.5 | — | WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For exa… | |||
| CVE-2018-12398 | critical | — | 9.5 | — | By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63. | |||
| CVE-2018-19623 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. T… | |||
| CVE-2018-12374 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-11356 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in … | |||
| CVE-2018-18358 | critical | — | 9.5 | — | Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. | |||
| CVE-2018-1000301 | critical | — | 9.5 | — | curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end o… | |||
| CVE-2018-11357 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | |||
| CVE-2018-11358 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre… | |||
| CVE-2018-11360 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu… | |||
| CVE-2018-19622 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. | |||
| CVE-2018-18344 | critical | — | 9.5 | — | Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to a… | |||
| CVE-2018-18335 | critical | — | 9.5 | — | Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-19625 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. | |||
| CVE-2018-5151 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |||
| CVE-2018-5146 | critical | — | 9.5 | — | An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. | |||
| CVE-2018-5168 | critical | — | 9.5 | — | Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without… | |||
| CVE-2018-5164 | critical | — | 9.5 | — | Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block… | |||
| CVE-2018-5177 | critical | — | 9.5 | — | A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affect… | |||
| CVE-2018-18492 | critical | — | 9.5 | — | A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. T… | |||
| CVE-2018-1000085 | critical | — | 9.5 | — | ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit cha… | |||
| CVE-2018-11359 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | |||
| CVE-2018-12383 | critical | — | 9.5 | — | If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… | |||
| CVE-2018-0202 | critical | — | 9.5 | — | clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is… | |||
| CVE-2018-18648 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-6090 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12389 | critical | — | 9.5 | — | arbitrary code execution in thunderbird | |||
| CVE-2018-6086 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12407 | critical | — | 9.5 | — | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially explo… | |||
| CVE-2018-5158 | critical | — | 9.5 | 4y ago | The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permis… | |||
| CVE-2018-11212 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-12549 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-12547 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-18509 | critical | — | 9.5 | 7y ago | multiple issues in thunderbird | |||
| CVE-2018-18506 | critical | — | 9.5 | 7y ago | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to … | |||
| CVE-2018-10895 | critical | — | 9.5 | 8y ago | qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/s… | |||
| CVE-2018-17961 | high | — | 9.0 | — | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2… | |||
| CVE-2018-16858 | high | — | 9.0 | — | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could… | |||
| CVE-2018-14665 | high | — | 9.0 | — | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in… | |||
| CVE-2018-17456 | high | — | 9.0 | — | Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git … | |||
| CVE-2018-7182 | high | — | 9.0 | — | The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 t… | |||
| CVE-2018-1121 | high | — | 9.0 | — | procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can us… | |||
| CVE-2018-0492 | high | — | 9.0 | — | Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. | |||
| CVE-2018-1120 | high | — | 9.0 | — | A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can ca… | |||
| CVE-2018-1000001 | high | — | 9.0 | — | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | |||
| CVE-2018-17182 | high | — | 9.0 | — | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possib… | |||
| CVE-2018-7254 | high | — | 9.0 | — | The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or in… | |||
| CVE-2018-6126 | high | — | 9.0 | — | A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||
| CVE-2018-18065 | high | — | 9.0 | — | _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted… | |||
| CVE-2018-10900 | high | — | 9.0 | — | Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into … | |||
| CVE-2018-5702 | high | — | 9.0 | — | Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and cons… | |||
| CVE-2018-11529 | high | — | 9.0 | — | VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result i… | |||
| CVE-2018-8897 | high | — | 9.0 | — | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, result… | |||
| CVE-2018-1000115 | high | — | 9.0 | — | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial … | |||
| CVE-2018-14912 | high | — | 9.0 | — | cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. | |||
| CVE-2018-18557 | high | — | 9.0 | — | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) de… | |||
| CVE-2018-1999002 | high | — | 9.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2018-13405 | high | — | 9.0 | 4y ago | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certai… | |||
| CVE-2018-11784 | high | — | 9.0 | 8y ago | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/f… | |||
| CVE-2018-25409 | high | 8.8 | 8.8 | 6d ago | SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by submitting PHP code through the fupload parameter. Attackers can upload … | |||
| CVE-2018-25388 | high | 8.8 | 8.8 | 7d ago | HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through mu… | |||
| CVE-2018-25353 | high | 8.8 | 8.8 | 13d ago | Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accou… | |||
| CVE-2018-25308 | high | 8.8 | 8.8 | 1mo ago | BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack… | |||
| CVE-2018-3885 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by para… | |||
| CVE-2018-3884 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and s… | |||
| CVE-2018-3883 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and … | |||
| CVE-2018-3882 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield p… | |||
| CVE-2018-17924 | high | 8.6 | 8.6 | 8y ago | Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upo… | |||
| CVE-2018-25432 | high | 8.4 | 8.4 | 4d ago | Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input fi… | |||
| CVE-2018-25383 | high | 8.4 | 8.4 | 7d ago | Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation.… | |||
| CVE-2018-25377 | high | 8.4 | 8.4 | 11d ago | Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception ha… | |||
| CVE-2018-25376 | high | 8.4 | 8.4 | 11d ago | Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling… | |||
| CVE-2018-25375 | high | 8.4 | 8.4 | 11d ago | SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception ha… | |||
| CVE-2018-25366 | high | 8.4 | 8.4 | 11d ago | CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p… | |||
| CVE-2018-25360 | high | 8.4 | 8.4 | 11d ago | AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured ex… | |||
| CVE-2018-25359 | high | 8.4 | 8.4 | 11d ago | Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can … | |||
| CVE-2018-25373 | high | 8.4 | 8.4 | 11d ago | SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting … | |||
| CVE-2018-25356 | high | 8.4 | 8.4 | 13d ago | SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can tri… | |||
| CVE-2018-25345 | high | 8.4 | 8.4 | 13d ago | 10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft… | |||
| CVE-2018-25344 | high | 8.4 | 8.4 | 13d ago | 10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering … | |||
| CVE-2018-25355 | high | 8.4 | 8.4 | 13d ago | Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious … | |||
| CVE-2018-25328 | high | 8.4 | 8.4 | 19d ago | VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craf… | |||
| CVE-2018-25323 | high | 8.4 | 8.4 | 19d ago | Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payl… | |||
| CVE-2018-25322 | high | 8.4 | 8.4 | 19d ago | Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can… | |||
| CVE-2018-25315 | high | 8.4 | 8.4 | 1mo ago | Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can… | |||
| CVE-2018-25314 | high | 8.4 | 8.4 | 1mo ago | Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Na… | |||
| CVE-2018-25307 | high | 8.4 | 8.4 | 1mo ago | SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key… | |||
| CVE-2018-25304 | high | 8.4 | 8.4 | 1mo ago | Free Download Manager 2.0 Build 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita… | |||
| CVE-2018-25303 | high | 8.4 | 8.4 | 1mo ago | Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exce… | |||
| CVE-2018-25301 | high | 8.4 | 8.4 | 1mo ago | Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious userna… | |||
| CVE-2018-25299 | high | 8.4 | 8.4 | 1mo ago | Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malici… | |||
| CVE-2018-25222 | high | 8.4 | 8.4 | 2mo ago | SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft ma… | |||
| CVE-2018-25434 | high | 8.2 | 8.2 | 4d ago | WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpas_keys parameter. Attacke… | |||
| CVE-2018-25433 | high | 8.2 | 8.2 | 4d ago | Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categor… | |||
| CVE-2018-25428 | high | 8.2 | 8.2 | 4d ago | Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers… | |||
| CVE-2018-25425 | high | 8.2 | 8.2 | 6d ago | Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers … | |||
| CVE-2018-25424 | high | 8.2 | 8.2 | 6d ago | Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters.… |