CVEs from 2018
Total
2,843
critical
critical 238
high
high 331
medium
medium 263
low
low 39
% Critical
8.4%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- arm 9
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-17294 | unknown | — | — | — | The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via o… | |||
| CVE-2018-12015 | unknown | — | — | — | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink a… | |||
| CVE-2018-18311 | unknown | — | — | — | Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||
| CVE-2018-18312 | unknown | — | — | — | Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||
| CVE-2018-6798 | unknown | — | — | — | An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. | |||
| CVE-2018-18313 | unknown | — | — | — | Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | |||
| CVE-2018-18314 | unknown | — | — | — | Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||
| CVE-2018-6913 | unknown | — | — | — | Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | |||
| CVE-2018-7999 | unknown | — | — | — | In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or poss… | |||
| CVE-2018-3296 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows u… | |||
| CVE-2018-3298 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows u… | |||
| CVE-2018-2773 | unknown | — | — | — | ||||
| CVE-2018-20724 | unknown | — | — | — | A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors. | |||
| CVE-2018-20726 | unknown | — | — | — | A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices. | |||
| CVE-2018-9144 | unknown | — | — | — | In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure. | |||
| CVE-2018-3149 | unknown | — | — | — | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedde… | |||
| CVE-2018-1112 | unknown | — | — | — | glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volum… | |||
| CVE-2018-3091 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows u… | |||
| CVE-2018-14866 | unknown | — | — | — | Incorrect access control in the TransientModel framework in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated attackers to access data in transient records tha… | |||
| CVE-2018-5698 | unknown | — | — | — | libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over-read via an unterminated string. | |||
| CVE-2018-18398 | unknown | — | — | — | Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploit… | |||
| CVE-2018-7730 | unknown | — | — | — | An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in … | |||
| CVE-2018-14447 | unknown | — | — | — | ||||
| CVE-2018-12129 | unknown | — | — | — | ||||
| CVE-2018-12882 | unknown | — | — | — | ||||
| CVE-2018-14036 | unknown | — | — | — | Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. | |||
| CVE-2018-16737 | unknown | — | — | — | tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation. | |||
| CVE-2018-20652 | unknown | — | — | — | An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-… | |||
| CVE-2018-3979 | unknown | — | — | — | A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cau… | |||
| CVE-2018-6121 | unknown | — | — | — | ||||
| CVE-2018-7540 | unknown | — | — | — | An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. | |||
| CVE-2018-17954 | unknown | — | — | — | ||||
| CVE-2018-19636 | unknown | — | — | — | ||||
| CVE-2018-8788 | unknown | — | — | — | FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | |||
| CVE-2018-12482 | unknown | — | — | — | OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues. | |||
| CVE-2018-11731 | unknown | — | — | — | The libfsntfs_mft_entry_read_attributes function in libfsntfs_mft_entry.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via … | |||
| CVE-2018-14451 | unknown | — | — | — | An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp. | |||
| CVE-2018-15671 | unknown | — | — | — | An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This r… | |||
| CVE-2018-17436 | unknown | — | — | — | ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converti… | |||
| CVE-2018-14374 | unknown | — | — | — | ||||
| CVE-2018-5806 | unknown | — | — | — | An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. | |||
| CVE-2018-6197 | unknown | — | — | — | w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | |||
| CVE-2018-10373 | unknown | — | — | — | concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereferen… | |||
| CVE-2018-2622 | unknown | — | — | — | ||||
| CVE-2018-7332 | unknown | — | — | — | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length. | |||
| CVE-2018-7544 | unknown | — | — | — | ||||
| CVE-2018-17432 | unknown | — | — | — | A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. | |||
| CVE-2018-7164 | unknown | — | — | — | Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the ne… | |||
| CVE-2018-20365 | unknown | — | — | — | LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. | |||
| CVE-2018-19640 | unknown | — | — | — | ||||
| CVE-2018-5249 | unknown | — | — | — | Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and 0.9.x before 0.9.3 allows remote attackers to inject arbitrary code via the login form's username field (aka the login parameter t… | |||
| CVE-2018-17206 | unknown | — | — | — | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. | |||
| CVE-2018-7169 | unknown | — | — | — | An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker … | |||
| CVE-2018-25021 | unknown | — | — | — | The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service … | |||
| CVE-2018-4271 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, … | |||
| CVE-2018-4272 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, i… | |||
| CVE-2018-4376 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | |||
| CVE-2018-15640 | unknown | — | — | — | Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote authenticated attackers to obtain elevated privileges via a crafted request. | |||
| CVE-2018-10372 | unknown | — | — | — | process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated… | |||
| CVE-2018-1000178 | unknown | — | — | — | A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to e… | |||
| CVE-2018-11435 | unknown | — | — | — | The mobi_decompress_huffman_internal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. | |||
| CVE-2018-15378 | unknown | — | — | — | A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "… | |||
| CVE-2018-0490 | unknown | — | — | — | An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause… | |||
| CVE-2018-19543 | unknown | — | — | — | ||||
| CVE-2018-19539 | unknown | — | — | — | ||||
| CVE-2018-17095 | unknown | — | — | — | An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when run… | |||
| CVE-2018-18247 | unknown | — | — | — | Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter. | |||
| CVE-2018-18246 | unknown | — | — | — | Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module. | |||
| CVE-2018-18249 | unknown | — | — | — | Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_R… | |||
| CVE-2018-18248 | unknown | — | — | — | Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup que… | |||
| CVE-2018-2665 | unknown | — | — | — | ||||
| CVE-2018-11438 | unknown | — | — | — | The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution (heap-based buffer overflow) via a crafted mobi file. | |||
| CVE-2018-11724 | unknown | — | — | — | The mobi_pk1_decrypt function in encryption.c in Libmobi 0.3 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted … | |||
| CVE-2018-0618 | unknown | — | — | — | ||||
| CVE-2018-14038 | unknown | — | — | — | ||||
| CVE-2018-7033 | unknown | — | — | — | ||||
| CVE-2018-1000546 | unknown | — | — | — | Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing game data that can result in Possible information disclosure, server-side request forgery, or remote c… | |||
| CVE-2018-9860 | unknown | — | — | — | An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation e… | |||
| CVE-2018-18655 | unknown | — | — | — | Prayer through 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting. | |||
| CVE-2018-14073 | unknown | — | — | — | libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. | |||
| CVE-2018-4208 | unknown | — | — | — | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This is… | |||
| CVE-2018-16435 | unknown | — | — | — | Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafte… | |||
| CVE-2018-25100 | unknown | — | — | — | The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar. | |||
| CVE-2018-12559 | unknown | — | — | — | An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is insufficient. A regular user can consequently mount a CIF… | |||
| CVE-2018-12560 | unknown | — | — | — | An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/ker… | |||
| CVE-2018-12562 | unknown | — | — | — | An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary.… | |||
| CVE-2018-19762 | unknown | — | — | — | There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact. | |||
| CVE-2018-18928 | unknown | — | — | — | International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. | |||
| CVE-2018-19052 | unknown | — | — | — | An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_… | |||
| CVE-2018-13054 | unknown | — | — | — | An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_… | |||
| CVE-2018-1000101 | unknown | — | — | — | Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used t… | |||
| CVE-2018-1059 | unknown | — | — | — | The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translat… | |||
| CVE-2018-10915 | unknown | — | — | — | ||||
| CVE-2018-7485 | unknown | — | — | — | The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified… | |||
| CVE-2018-6508 | unknown | — | — | — | Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string was passed into the facter_task or puppet_conf tasks. This vulnerability only aff… | |||
| CVE-2018-1000038 | unknown | — | — | — | In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file. | |||
| CVE-2018-1000039 | unknown | — | — | — | In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted fil… | |||
| CVE-2018-15468 | unknown | — | — | — | An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtua… | |||
| CVE-2018-1000031 | unknown | — | — | — | A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution. | |||
| CVE-2018-1000032 | unknown | — | — | — | A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution. |