VIR Vulnerability Intelligence Relay

CVEs from 2018

2,860 normalized CVEs published or assigned in this year.

Total
2,860
critical
critical 238
high
high 329
medium
medium 260
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%

Top vendors

Top products

  • core_i7 379
  • core_i5 375
  • core_i3 242
  • xeon_e5 82
  • xeon_e7 62
  • xeon_e3 58
  • xeon_gold 33
  • atom_z 30

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2018-18445 low 2.5 In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min…
CVE-2018-7455 low 2.5 An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml.
CVE-2018-7453 low 2.5 Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml.
CVE-2018-0737 low 2.5 The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key gen…
CVE-2018-0732 low 2.5 During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long pe…
CVE-2018-12558 low 2.5 The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that c…
CVE-2018-0502 low 2.5 insufficient validation in zsh
CVE-2018-6942 low 2.5 An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
CVE-2018-13259 low 2.5 insufficient validation in zsh
CVE-2018-20225 low 2.5 arbitrary code execution in python-pip
CVE-2018-12699 low 2.5 2y ago RHSA-2024:9689: binutils security update (Low)
CVE-2018-20673 low 2.5 5y ago RHSA-2021:4386: gcc security and bug fix update (Low)
CVE-2018-10896 low 2.5 6y ago RHSA-2020:3050: cloud-init security, bug fix, and enhancement update (Low)
CVE-2018-7263 low 2.5 6y ago RHSA-2020:1631: GStreamer, libmad, and SDL security, bug fix, and enhancement update (Low)
CVE-2018-19840 low 2.5 6y ago RHSA-2020:1581: wavpack security update (Low)
CVE-2018-19841 low 2.5 6y ago RHSA-2020:1581: wavpack security update (Low)
CVE-2018-10910 low 2.5 6y ago RHSA-2020:1912: bluez security update (Low)
CVE-2018-19519 low 2.5 6y ago RHSA-2020:1604: tcpdump security update (Low)
CVE-2018-10392 low 2.5 7y ago RHSA-2019:3703: libvorbis security update (Low)
CVE-2018-10393 low 2.5 7y ago RHSA-2019:3703: libvorbis security update (Low)
CVE-2018-18751 low 2.5 7y ago RHSA-2019:3643: gettext security update (Low)
CVE-2018-5745 low 2.5 7y ago RHSA-2019:3552: bind security and bug fix update (Low)
CVE-2018-6616 low 2.5 7y ago RHBA-2019:3408: openjpeg2 bug fix and enhancement update (Low)
CVE-2018-10932 low 2.5 7y ago RHSA-2019:3673: lldpad security and bug fix update (Low)
CVE-2018-16838 low 2.5 7y ago RHSA-2019:3651: sssd security, bug fix, and enhancement update (Low)
CVE-2018-0735 low 2.5 7y ago RHSA-2019:3700: openssl security, bug fix, and enhancement update (Low)
CVE-2018-0734 low 2.5 7y ago RHSA-2019:3700: openssl security, bug fix, and enhancement update (Low)
CVE-2018-20657 low 2.5 7y ago RHSA-2019:3352: gdb security, bug fix, and enhancement update (Low)