CVEs from 2018
Total
2,859
critical
critical 238
high
high 331
medium
medium 261
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- arm 9
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12363 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a… | |||
| CVE-2018-12362 | critical | — | 9.5 | — | An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects … | |||
| CVE-2018-12359 | critical | — | 9.5 | — | A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundari… | |||
| CVE-2018-12358 | critical | — | 9.5 | — | Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability … | |||
| CVE-2018-20346 | critical | — | 9.5 | — | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow… | |||
| CVE-2018-18359 | critical | — | 9.5 | — | Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||
| CVE-2018-18343 | critical | — | 9.5 | — | Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-18339 | critical | — | 9.5 | — | Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-18337 | critical | — | 9.5 | — | Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-12360 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulne… | |||
| CVE-2018-0202 | critical | — | 9.5 | — | clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is… | |||
| CVE-2018-19625 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. | |||
| CVE-2018-19622 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. | |||
| CVE-2018-12383 | critical | — | 9.5 | — | If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… | |||
| CVE-2018-11360 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu… | |||
| CVE-2018-1000301 | critical | — | 9.5 | — | curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end o… | |||
| CVE-2018-11358 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre… | |||
| CVE-2018-11357 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | |||
| CVE-2018-17464 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-19624 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. | |||
| CVE-2018-18495 | critical | — | 9.5 | — | WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading … | |||
| CVE-2018-18494 | critical | — | 9.5 | — | A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This i… | |||
| CVE-2018-18493 | critical | — | 9.5 | — | A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in … | |||
| CVE-2018-12373 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-17477 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6105 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6156 | critical | — | 9.5 | — | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | |||
| CVE-2018-11356 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in … | |||
| CVE-2018-11355 | critical | — | 9.5 | — | In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. | |||
| CVE-2018-5185 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-17466 | critical | — | 9.5 | — | Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||
| CVE-2018-5183 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5158 | critical | — | 9.5 | 4y ago | The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permis… | |||
| CVE-2018-11212 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-12549 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-12547 | critical | — | 9.5 | 7y ago | RHSA-2019:1238: java-1.8.0-ibm security update (Critical) | |||
| CVE-2018-18509 | critical | — | 9.5 | 7y ago | multiple issues in thunderbird | |||
| CVE-2018-18506 | critical | — | 9.5 | 7y ago | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to … | |||
| CVE-2018-10895 | critical | — | 9.5 | 8y ago | qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/s… | |||
| CVE-2018-6126 | high | — | 9.0 | — | A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||
| CVE-2018-7254 | high | — | 9.0 | — | The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or in… | |||
| CVE-2018-16858 | high | — | 9.0 | — | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could… | |||
| CVE-2018-17961 | high | — | 9.0 | — | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2… | |||
| CVE-2018-14912 | high | — | 9.0 | — | cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. | |||
| CVE-2018-1000001 | high | — | 9.0 | — | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | |||
| CVE-2018-1121 | high | — | 9.0 | — | procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can us… | |||
| CVE-2018-18557 | high | — | 9.0 | — | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) de… | |||
| CVE-2018-18065 | high | — | 9.0 | — | _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted… | |||
| CVE-2018-5702 | high | — | 9.0 | — | Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and cons… | |||
| CVE-2018-10900 | high | — | 9.0 | — | Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into … | |||
| CVE-2018-0492 | high | — | 9.0 | — | Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. | |||
| CVE-2018-17456 | high | — | 9.0 | — | Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git … | |||
| CVE-2018-14665 | high | — | 9.0 | — | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in… | |||
| CVE-2018-1000115 | high | — | 9.0 | — | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial … | |||
| CVE-2018-11529 | high | — | 9.0 | — | VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result i… | |||
| CVE-2018-7182 | high | — | 9.0 | — | The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 t… | |||
| CVE-2018-1120 | high | — | 9.0 | — | A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can ca… | |||
| CVE-2018-8897 | high | — | 9.0 | — | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, result… | |||
| CVE-2018-17182 | high | — | 9.0 | — | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possib… | |||
| CVE-2018-1999002 | high | — | 9.0 | 4y ago | multiple issues in jenkins | |||
| CVE-2018-13405 | high | — | 9.0 | 4y ago | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certai… | |||
| CVE-2018-11784 | high | — | 9.0 | 8y ago | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/f… | |||
| CVE-2018-25409 | high | 8.8 | 8.8 | 6d ago | SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by submitting PHP code through the fupload parameter. Attackers can upload … | |||
| CVE-2018-25388 | high | 8.8 | 8.8 | 7d ago | HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through mu… | |||
| CVE-2018-25353 | high | 8.8 | 8.8 | 13d ago | Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accou… | |||
| CVE-2018-25308 | high | 8.8 | 8.8 | 1mo ago | BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack… | |||
| CVE-2018-3885 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by para… | |||
| CVE-2018-3884 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and s… | |||
| CVE-2018-3883 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and … | |||
| CVE-2018-3882 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield p… | |||
| CVE-2018-17924 | high | 8.6 | 8.6 | 8y ago | Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upo… | |||
| CVE-2018-25432 | high | 8.4 | 8.4 | 4d ago | Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input fi… | |||
| CVE-2018-25383 | high | 8.4 | 8.4 | 7d ago | Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation.… | |||
| CVE-2018-25377 | high | 8.4 | 8.4 | 11d ago | Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception ha… | |||
| CVE-2018-25376 | high | 8.4 | 8.4 | 11d ago | Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling… | |||
| CVE-2018-25375 | high | 8.4 | 8.4 | 11d ago | SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception ha… | |||
| CVE-2018-25366 | high | 8.4 | 8.4 | 11d ago | CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p… | |||
| CVE-2018-25360 | high | 8.4 | 8.4 | 11d ago | AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured ex… | |||
| CVE-2018-25359 | high | 8.4 | 8.4 | 11d ago | Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can … | |||
| CVE-2018-25373 | high | 8.4 | 8.4 | 11d ago | SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting … | |||
| CVE-2018-25356 | high | 8.4 | 8.4 | 13d ago | SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can tri… | |||
| CVE-2018-25345 | high | 8.4 | 8.4 | 13d ago | 10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft… | |||
| CVE-2018-25344 | high | 8.4 | 8.4 | 13d ago | 10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering … | |||
| CVE-2018-25355 | high | 8.4 | 8.4 | 13d ago | Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious … | |||
| CVE-2018-25328 | high | 8.4 | 8.4 | 19d ago | VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craf… | |||
| CVE-2018-25323 | high | 8.4 | 8.4 | 19d ago | Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payl… | |||
| CVE-2018-25322 | high | 8.4 | 8.4 | 19d ago | Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can… | |||
| CVE-2018-25315 | high | 8.4 | 8.4 | 1mo ago | Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can… | |||
| CVE-2018-25314 | high | 8.4 | 8.4 | 1mo ago | Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Na… | |||
| CVE-2018-25307 | high | 8.4 | 8.4 | 1mo ago | SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key… | |||
| CVE-2018-25304 | high | 8.4 | 8.4 | 1mo ago | Free Download Manager 2.0 Build 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita… | |||
| CVE-2018-25303 | high | 8.4 | 8.4 | 1mo ago | Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exce… | |||
| CVE-2018-25301 | high | 8.4 | 8.4 | 1mo ago | Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious userna… | |||
| CVE-2018-25299 | high | 8.4 | 8.4 | 1mo ago | Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malici… | |||
| CVE-2018-25222 | high | 8.4 | 8.4 | 2mo ago | SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft ma… | |||
| CVE-2018-25434 | high | 8.2 | 8.2 | 4d ago | WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpas_keys parameter. Attacke… | |||
| CVE-2018-25433 | high | 8.2 | 8.2 | 4d ago | Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categor… | |||
| CVE-2018-25428 | high | 8.2 | 8.2 | 4d ago | Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers… | |||
| CVE-2018-25425 | high | 8.2 | 8.2 | 6d ago | Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers … | |||
| CVE-2018-25424 | high | 8.2 | 8.2 | 6d ago | Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters.… |