CVEs from 2018
Total
2,860
critical
critical 238
high
high 329
medium
medium 260
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- mitel 8
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-5159 | critical | — | 10.0 | — | An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially e… | |||
| CVE-2018-10933 | critical | — | 10.0 | — | A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unautho… | |||
| CVE-2018-15686 | critical | — | 10.0 | — | A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution an… | |||
| CVE-2018-6092 | critical | — | 10.0 | — | multiple issues in chromium | |||
| CVE-2018-19627 | critical | — | 10.0 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. | |||
| CVE-2018-15687 | critical | — | 10.0 | — | A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239. | |||
| CVE-2018-17480 | critical | — | 10.0 | 4y ago | Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple w… | |||
| CVE-2018-17463 | critical | — | 10.0 | 4y ago | Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web br… | |||
| CVE-2018-6789 | high | — | 10.0 | 5y ago | An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. | |||
| CVE-2018-7602 | critical | — | 10.0 | 8y ago | A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site. | |||
| CVE-2018-7600 | critical | — | 10.0 | 8y ago | Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. | |||
| CVE-2018-11091 | critical | 9.9 | 9.9 | 8y ago | An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system comm… | |||
| CVE-2018-25427 | critical | 9.8 | 9.8 | 3d ago | Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers ca… | |||
| CVE-2018-25412 | critical | 9.8 | 9.8 | 6d ago | Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form… | |||
| CVE-2018-25357 | critical | 9.8 | 9.8 | 13d ago | Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter. Attackers ca… | |||
| CVE-2018-25350 | critical | 9.8 | 9.8 | 13d ago | userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. At… | |||
| CVE-2018-25335 | critical | 9.8 | 9.8 | 19d ago | WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint.… | |||
| CVE-2018-25332 | critical | 9.8 | 9.8 | 19d ago | GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file uploa… | |||
| CVE-2018-25320 | critical | 9.8 | 9.8 | 19d ago | ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can … | |||
| CVE-2018-25318 | critical | 9.8 | 9.8 | 1mo ago | Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers ca… | |||
| CVE-2018-25317 | critical | 9.8 | 9.8 | 1mo ago | Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… | |||
| CVE-2018-25316 | critical | 9.8 | 9.8 | 1mo ago | Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send… | |||
| CVE-2018-25272 | critical | 9.8 | 9.8 | 1mo ago | ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to … | |||
| CVE-2018-7791 | critical | 9.8 | 9.8 | 8y ago | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows una… | |||
| CVE-2018-7790 | critical | 9.8 | 9.8 | 8y ago | An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized user… | |||
| CVE-2018-8859 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specif… | |||
| CVE-2018-8855 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default,… | |||
| CVE-2018-8851 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow… | |||
| CVE-2018-10627 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change s… | |||
| CVE-2018-6103 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-1000085 | critical | — | 9.5 | — | ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit cha… | |||
| CVE-2018-6111 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6102 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5125 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… | |||
| CVE-2018-6108 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-11354 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. | |||
| CVE-2018-18343 | critical | — | 9.5 | — | Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-18355 | critical | — | 9.5 | — | Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||
| CVE-2018-5178 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5155 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, … | |||
| CVE-2018-5161 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-6107 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5764 | critical | — | 9.5 | — | The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection me… | |||
| CVE-2018-6106 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-6090 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18646 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-18359 | critical | — | 9.5 | — | Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||
| CVE-2018-18354 | critical | — | 9.5 | — | Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page. | |||
| CVE-2018-17481 | critical | — | 9.5 | — | Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||
| CVE-2018-18339 | critical | — | 9.5 | — | Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-20346 | critical | — | 9.5 | — | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow… | |||
| CVE-2018-5167 | critical | — | 9.5 | — | The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be … | |||
| CVE-2018-5173 | critical | — | 9.5 | — | The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially exe… | |||
| CVE-2018-18335 | critical | — | 9.5 | — | Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-5181 | critical | — | 9.5 | — | If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to p… | |||
| CVE-2018-5180 | critical | — | 9.5 | — | A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief… | |||
| CVE-2018-5187 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to ru… | |||
| CVE-2018-5188 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could… | |||
| CVE-2018-18340 | critical | — | 9.5 | — | Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-18336 | critical | — | 9.5 | — | Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||
| CVE-2018-18342 | critical | — | 9.5 | — | Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker t… | |||
| CVE-2018-18349 | critical | — | 9.5 | — | Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to acce… | |||
| CVE-2018-17471 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5129 | critical | — | 9.5 | — | A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in th… | |||
| CVE-2018-5185 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5150 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of the… | |||
| CVE-2018-5184 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-12373 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-0202 | critical | — | 9.5 | — | clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is… | |||
| CVE-2018-5170 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5160 | critical | — | 9.5 | — | WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a pot… | |||
| CVE-2018-5162 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-17473 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5176 | critical | — | 9.5 | — | The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" link… | |||
| CVE-2018-1057 | critical | — | 9.5 | — | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' … | |||
| CVE-2018-18649 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-11359 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | |||
| CVE-2018-19628 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. | |||
| CVE-2018-18344 | critical | — | 9.5 | — | Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to a… | |||
| CVE-2018-5157 | critical | — | 9.5 | — | Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing… | |||
| CVE-2018-17465 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-10529 | critical | — | 9.5 | — | An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. | |||
| CVE-2018-5166 | critical | — | 9.5 | — | WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have exp… | |||
| CVE-2018-6104 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-10528 | critical | — | 9.5 | — | An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp. | |||
| CVE-2018-5156 | critical | — | 9.5 | — | A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potent… | |||
| CVE-2018-5179 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5175 | critical | — | 9.5 | — | A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could i… | |||
| CVE-2018-5182 | critical | — | 9.5 | — | If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy a… | |||
| CVE-2018-17469 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5183 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-11362 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing… | |||
| CVE-2018-17468 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5172 | critical | — | 9.5 | — | The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site… | |||
| CVE-2018-18648 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-17476 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18645 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-5153 | critical | — | 9.5 | — | If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating serve… | |||
| CVE-2018-12406 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |||
| CVE-2018-5186 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… |