CVEs from 2018
Total
2,853
critical
critical 238
high
high 331
medium
medium 263
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- arm 9
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0154 | unknown | — | 1.5 | 4y ago | A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service … | |||
| CVE-2018-0151 | unknown | — | 1.5 | 4y ago | A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition … | |||
| CVE-2018-0159 | unknown | — | 1.5 | 4y ago | A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause… | |||
| CVE-2018-0167 | unknown | — | 1.5 | 4y ago | There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthentic… | |||
| CVE-2018-8581 | unknown | — | 1.5 | 4y ago | A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server. | |||
| CVE-2018-0173 | unknown | — | 1.5 | 4y ago | A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS). | |||
| CVE-2018-0172 | unknown | — | 1.5 | 4y ago | A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS). | |||
| CVE-2018-0174 | unknown | — | 1.5 | 4y ago | A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS). | |||
| CVE-2018-0180 | unknown | — | 1.5 | 4y ago | A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial … | |||
| CVE-2018-13383 | unknown | — | 1.5 | 5y ago | A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users. | |||
| CVE-2018-4939 | unknown | — | 1.5 | 5y ago | Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution. | |||
| CVE-2018-8653 | unknown | — | 1.5 | 5y ago | Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution. | |||
| CVE-2018-14558 | unknown | — | 1.5 | 5y ago | Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows… | |||
| CVE-2018-0802 | unknown | — | 1.5 | 5y ago | Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. … | |||
| CVE-2018-0798 | unknown | — | 1.5 | 5y ago | Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. … | |||
| CVE-2018-1273 | unknown | — | 1.5 | 8y ago | Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution. | |||
| CVE-2018-4218 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected… | |||
| CVE-2018-13441 | unknown | — | 1.0 | — | qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload … | |||
| CVE-2018-4121 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. … | |||
| CVE-2018-12293 | unknown | — | 1.0 | — | The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to versio… | |||
| CVE-2018-4382 | unknown | — | 1.0 | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Window… | |||
| CVE-2018-4222 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected… | |||
| CVE-2018-4197 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-4442 | unknown | — | 1.0 | — | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud f… | |||
| CVE-2018-4443 | unknown | — | 1.0 | — | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud f… | |||
| CVE-2018-4200 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected… | |||
| CVE-2018-10583 | unknown | — | 1.0 | — | An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstr… | |||
| CVE-2018-4438 | unknown | — | 1.0 | — | A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, i… | |||
| CVE-2018-4306 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-4416 | unknown | — | 1.0 | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Window… | |||
| CVE-2018-4386 | unknown | — | 1.0 | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Window… | |||
| CVE-2018-5333 | unknown | — | 1.0 | — | In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL … | |||
| CVE-2018-12904 | unknown | — | 1.0 | — | In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial… | |||
| CVE-2018-4192 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected… | |||
| CVE-2018-4328 | unknown | — | 1.0 | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-7273 | unknown | — | 1.0 | — | In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An a… | |||
| CVE-2018-16323 | unknown | — | 1.0 | — | ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into… | |||
| CVE-2018-4317 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-4441 | unknown | — | 1.0 | — | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud f… | |||
| CVE-2018-4162 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. … | |||
| CVE-2018-18955 | unknown | — | 1.0 | — | In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ra… | |||
| CVE-2018-4315 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-4089 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS before 11.2.5 is affected. The issue involve… | |||
| CVE-2018-4312 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-4314 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-4323 | unknown | — | 1.0 | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-6871 | unknown | — | 1.0 | — | LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | |||
| CVE-2018-11646 | unknown | — | 1.0 | — | webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unse… | |||
| CVE-2018-1160 | unknown | — | 1.0 | — | Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage th… | |||
| CVE-2018-4233 | unknown | — | 1.0 | — | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected… | |||
| CVE-2018-4318 | unknown | — | 1.0 | — | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||
| CVE-2018-11412 | unknown | — | 1.0 | — | In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that sto… | |||
| CVE-2018-12617 | unknown | — | 1.0 | — | qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fau… | |||
| CVE-2018-16509 | unknown | — | 1.0 | — | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafte… | |||
| CVE-2018-11508 | unknown | — | 1.0 | — | The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex. | |||
| CVE-2018-13457 | unknown | — | 1.0 | — | qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the … | |||
| CVE-2018-13458 | unknown | — | 1.0 | — | qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the … | |||
| CVE-2018-1306 | unknown | — | 1.0 | 4y ago | Exposure of Sensitive Information in Apache Pluto | |||
| CVE-2018-8718 | unknown | — | 1.0 | 4y ago | Cross-Site Request Forgery in Jenkins Mailer Plugin | |||
| CVE-2018-10054 | unknown | — | 1.0 | 4y ago | Improper Input Validation in Datomic | |||
| CVE-2018-11770 | unknown | — | 1.0 | 8y ago | org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 Improper Authentication vulnerability | |||
| CVE-2018-1321 | unknown | — | 1.0 | 8y ago | High severity vulnerability that affects org.apache.syncope:syncope-core | |||
| CVE-2018-1322 | unknown | — | 1.0 | 8y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache syncope-cope | |||
| CVE-2018-1335 | unknown | — | 1.0 | 8y ago | Command injection in org.apache.tika:tika-core | |||
| CVE-2018-10177 | unknown | — | — | — | In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a craf… | |||
| CVE-2018-19134 | unknown | — | — | — | In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, exe… | |||
| CVE-2018-19409 | unknown | — | — | — | An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used. | |||
| CVE-2018-19476 | unknown | — | — | — | psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. | |||
| CVE-2018-19477 | unknown | — | — | — | psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. | |||
| CVE-2018-4022 | unknown | — | — | — | A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of t… | |||
| CVE-2018-5108 | unknown | — | — | — | A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could all… | |||
| CVE-2018-5111 | unknown | — | — | — | When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a different site than the one loaded. This allows for phishing atta… | |||
| CVE-2018-5113 | unknown | — | — | — | The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged … | |||
| CVE-2018-5112 | unknown | — | — | — | Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could … | |||
| CVE-2018-5118 | unknown | — | — | — | The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to creat… | |||
| CVE-2018-5119 | unknown | — | — | — | The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in … | |||
| CVE-2018-5121 | unknown | — | — | — | Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain… | |||
| CVE-2018-5128 | unknown | — | — | — | A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects… | |||
| CVE-2018-5122 | unknown | — | — | — | A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefo… | |||
| CVE-2018-5132 | unknown | — | — | — | The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protect… | |||
| CVE-2018-5143 | unknown | — | — | — | URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the "javascript:" UR… | |||
| CVE-2018-12564 | unknown | — | — | — | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on… | |||
| CVE-2018-12563 | unknown | — | — | — | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavas… | |||
| CVE-2018-12565 | unknown | — | — | — | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur. | |||
| CVE-2018-14015 | unknown | — | — | — | The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input valid… | |||
| CVE-2018-14017 | unknown | — | — | — | The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .cl… | |||
| CVE-2018-14016 | unknown | — | — | — | The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Cra… | |||
| CVE-2018-20456 | unknown | — | — | — | In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer … | |||
| CVE-2018-20457 | unknown | — | — | — | In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an ar… | |||
| CVE-2018-20458 | unknown | — | — | — | In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a… | |||
| CVE-2018-20459 | unknown | — | — | — | In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembl… | |||
| CVE-2018-20461 | unknown | — | — | — | In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file. | |||
| CVE-2018-8808 | unknown | — | — | — | In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex … | |||
| CVE-2018-8809 | unknown | — | — | — | In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex … | |||
| CVE-2018-8810 | unknown | — | — | — | In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a craf… | |||
| CVE-2018-19975 | unknown | — | — | — | In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD. | |||
| CVE-2018-19974 | unknown | — | — | — | In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (no… | |||
| CVE-2018-20452 | unknown | — | — | — | The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted… | |||
| CVE-2018-20450 | unknown | — | — | — | The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-28… | |||
| CVE-2018-21009 | unknown | — | — | — | Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. |