CVEs from 2018
Total
2,843
critical
critical 238
high
high 331
medium
medium 263
low
low 39
% Critical
8.4%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- arm 9
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-17437 | unknown | — | — | — | Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file. | |||
| CVE-2018-10981 | unknown | — | — | — | An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid tra… | |||
| CVE-2018-10685 | unknown | — | — | — | In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possi… | |||
| CVE-2018-5650 | unknown | — | — | — | In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of se… | |||
| CVE-2018-10753 | unknown | — | — | — | Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified … | |||
| CVE-2018-10771 | unknown | — | — | — | Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other i… | |||
| CVE-2018-1056 | unknown | — | — | — | An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by … | |||
| CVE-2018-1054 | unknown | — | — | — | An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially us… | |||
| CVE-2018-10773 | unknown | — | — | — | NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by copac2x… | |||
| CVE-2018-8050 | unknown | — | — | — | The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of service (segmentation fault) via a corrupt AFF image that trigg… | |||
| CVE-2018-20453 | unknown | — | — | — | The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file. | |||
| CVE-2018-20189 | unknown | — | — | — | In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and al… | |||
| CVE-2018-20148 | unknown | — | — | — | In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of seriali… | |||
| CVE-2018-20152 | unknown | — | — | — | In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input. | |||
| CVE-2018-3133 | unknown | — | — | — | ||||
| CVE-2018-3081 | unknown | — | — | — | ||||
| CVE-2018-3827 | unknown | — | — | — | ||||
| CVE-2018-2794 | unknown | — | — | — | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult … | |||
| CVE-2018-14862 | unknown | — | — | — | Incorrect access control in the mail templating system in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated internal users to delete arbitrary menuitems via a … | |||
| CVE-2018-6353 | unknown | — | — | — | The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not under… | |||
| CVE-2018-19759 | unknown | — | — | — | There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service. | |||
| CVE-2018-14072 | unknown | — | — | — | libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. | |||
| CVE-2018-19761 | unknown | — | — | — | There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service. | |||
| CVE-2018-19757 | unknown | — | — | — | There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that will cause a denial of service. | |||
| CVE-2018-16870 | unknown | — | — | — | It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data. | |||
| CVE-2018-15856 | unknown | — | — | — | An infinite loop when reaching EOL unexpectedly in compose/parser.c (aka the keymap parser) in xkbcommon before 0.8.1 could be used by local attackers to cause a denial of service during parsing of c… | |||
| CVE-2018-16402 | unknown | — | — | — | libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress tw… | |||
| CVE-2018-16403 | unknown | — | — | — | libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an… | |||
| CVE-2018-18838 | unknown | — | — | — | An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry. | |||
| CVE-2018-5392 | unknown | — | — | — | mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to fu… | |||
| CVE-2018-1000050 | unknown | — | — | — | Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of… | |||
| CVE-2018-14659 | unknown | — | — | — | The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit t… | |||
| CVE-2018-10361 | unknown | — | — | — | An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allo… | |||
| CVE-2018-14651 | unknown | — | — | — | It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execu… | |||
| CVE-2018-14652 | unknown | — | — | — | The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr'… | |||
| CVE-2018-14654 | unknown | — | — | — | The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN… | |||
| CVE-2018-14660 | unknown | — | — | — | A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple l… | |||
| CVE-2018-17188 | unknown | — | — | — | ||||
| CVE-2018-12546 | unknown | — | — | — | In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to… | |||
| CVE-2018-12551 | unknown | — | — | — | When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means… | |||
| CVE-2018-20145 | unknown | — | — | — | Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then … | |||
| CVE-2018-1000100 | unknown | — | — | — | GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This… | |||
| CVE-2018-20763 | unknown | — | — | — | In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. | |||
| CVE-2018-12179 | unknown | — | — | — | Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | |||
| CVE-2018-19777 | unknown | — | — | — | In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | |||
| CVE-2018-1000036 | unknown | — | — | — | In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file. | |||
| CVE-2018-1000037 | unknown | — | — | — | In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file. | |||
| CVE-2018-16648 | unknown | — | — | — | In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-dev… | |||
| CVE-2018-18662 | unknown | — | — | — | There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool. | |||
| CVE-2018-12381 | unknown | — | — | — | Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only af… | |||
| CVE-2018-16554 | unknown | — | — | — | The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of incon… | |||
| CVE-2018-12265 | unknown | — | — | — | Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. | |||
| CVE-2018-20359 | unknown | — | — | — | An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segment… | |||
| CVE-2018-20195 | unknown | — | — | — | A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash… | |||
| CVE-2018-19504 | unknown | — | — | — | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c. | |||
| CVE-2018-20358 | unknown | — | — | — | An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation … | |||
| CVE-2018-20197 | unknown | — | — | — | There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a … | |||
| CVE-2018-20198 | unknown | — | — | — | A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash… | |||
| CVE-2018-6514 | unknown | — | — | — | In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privil… | |||
| CVE-2018-7418 | unknown | — | — | — | In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. | |||
| CVE-2018-7419 | unknown | — | — | — | In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization. | |||
| CVE-2018-9258 | unknown | — | — | — | In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources. | |||
| CVE-2018-9262 | unknown | — | — | — | In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth. | |||
| CVE-2018-2694 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vuln… | |||
| CVE-2018-11230 | unknown | — | — | — | jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file. | |||
| CVE-2018-1323 | unknown | — | — | — | The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctl… | |||
| CVE-2018-18898 | unknown | — | — | — | The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | |||
| CVE-2018-14600 | unknown | — | — | — | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes… | |||
| CVE-2018-14449 | unknown | — | — | — | An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp. | |||
| CVE-2018-17191 | unknown | — | — | — | Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable for remote command execution (RCE). Using the nashorn script engine the environment of the javasc… | |||
| CVE-2018-14456 | unknown | — | — | — | An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp. | |||
| CVE-2018-18836 | unknown | — | — | — | An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c. | |||
| CVE-2018-18839 | unknown | — | — | — | An issue was discovered in Netdata 1.10.0. Full Path Disclosure (FPD) exists via api/v1/alarms. NOTE: the vendor says "is intentional. | |||
| CVE-2018-18837 | unknown | — | — | — | An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c. | |||
| CVE-2018-1000117 | unknown | — | — | — | Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, li… | |||
| CVE-2018-10471 | unknown | — | — | — | An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of … | |||
| CVE-2018-10982 | unknown | — | — | — | An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain h… | |||
| CVE-2018-10472 | unknown | — | — | — | An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifyin… | |||
| CVE-2018-15469 | unknown | — | — | — | An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they… | |||
| CVE-2018-17097 | unknown | — | — | — | The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by… | |||
| CVE-2018-19865 | unknown | — | — | — | A keystroke logging issue was discovered in Virtual Keyboard in Qt 5.7.x, 5.8.x, 5.9.x, 5.10.x, and 5.11.x before 5.11.3. | |||
| CVE-2018-6249 | unknown | — | — | — | NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | |||
| CVE-2018-6253 | unknown | — | — | — | NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service. | |||
| CVE-2018-12368 | unknown | — | — | — | Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the w… | |||
| CVE-2018-0493 | unknown | — | — | — | remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary comman… | |||
| CVE-2018-12689 | unknown | — | — | — | phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel. | |||
| CVE-2018-13410 | unknown | — | — | — | Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact becau… | |||
| CVE-2018-2638 | unknown | — | — | — | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unaut… | |||
| CVE-2018-2790 | unknown | — | — | — | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u… | |||
| CVE-2018-16883 | unknown | — | — | — | sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user di… | |||
| CVE-2018-1116 | unknown | — | — | — | A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger a… | |||
| CVE-2018-17794 | unknown | — | — | — | An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. | |||
| CVE-2018-20194 | unknown | — | — | — | There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a … | |||
| CVE-2018-17985 | unknown | — | — | — | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls … | |||
| CVE-2018-10945 | unknown | — | — | — | The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an … | |||
| CVE-2018-9271 | unknown | — | — | — | In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak. | |||
| CVE-2018-18765 | unknown | — | — | — | An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A spe… | |||
| CVE-2018-20615 | unknown | — | — | — | An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame … | |||
| CVE-2018-10244 | unknown | — | — | — | Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-comm… | |||
| CVE-2018-2618 | unknown | — | — | — | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embed… |