CVEs from 2018
Total
2,887
critical
critical 238
high
high 329
medium
medium 259
low
low 39
% Critical
8.2%
% with KEV
3.1%
% with exploit
9.0%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- mitel 8
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-19627 | critical | — | 10.0 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. | |||
| CVE-2018-6092 | critical | — | 10.0 | — | multiple issues in chromium | |||
| CVE-2018-10933 | critical | — | 10.0 | — | A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unautho… | |||
| CVE-2018-5159 | critical | — | 10.0 | — | An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially e… | |||
| CVE-2018-15687 | critical | — | 10.0 | — | multiple issues in systemd | |||
| CVE-2018-15686 | critical | — | 10.0 | — | multiple issues in systemd | |||
| CVE-2018-17480 | critical | — | 10.0 | 4y ago | Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple w… | |||
| CVE-2018-17463 | critical | — | 10.0 | 4y ago | Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web br… | |||
| CVE-2018-6789 | high | — | 10.0 | 5y ago | Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution. | |||
| CVE-2018-7602 | critical | — | 10.0 | 8y ago | A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site. | |||
| CVE-2018-7600 | critical | — | 10.0 | 8y ago | Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. | |||
| CVE-2018-11091 | critical | 9.9 | 9.9 | 8y ago | An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system comm… | |||
| CVE-2018-25427 | critical | 9.8 | 9.8 | 2d ago | Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers ca… | |||
| CVE-2018-25412 | critical | 9.8 | 9.8 | 5d ago | Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form… | |||
| CVE-2018-25357 | critical | 9.8 | 9.8 | 12d ago | Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter. Attackers ca… | |||
| CVE-2018-25350 | critical | 9.8 | 9.8 | 12d ago | userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. At… | |||
| CVE-2018-25335 | critical | 9.8 | 9.8 | 18d ago | WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint.… | |||
| CVE-2018-25332 | critical | 9.8 | 9.8 | 18d ago | GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file uploa… | |||
| CVE-2018-25320 | critical | 9.8 | 9.8 | 18d ago | ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can … | |||
| CVE-2018-25318 | critical | 9.8 | 9.8 | 1mo ago | Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers ca… | |||
| CVE-2018-25317 | critical | 9.8 | 9.8 | 1mo ago | Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… | |||
| CVE-2018-25316 | critical | 9.8 | 9.8 | 1mo ago | Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send… | |||
| CVE-2018-25272 | critical | 9.8 | 9.8 | 1mo ago | ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to … | |||
| CVE-2018-7791 | critical | 9.8 | 9.8 | 8y ago | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows una… | |||
| CVE-2018-7790 | critical | 9.8 | 9.8 | 8y ago | An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized user… | |||
| CVE-2018-8859 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specif… | |||
| CVE-2018-8855 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default,… | |||
| CVE-2018-8851 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow… | |||
| CVE-2018-10627 | critical | 9.8 | 9.8 | 8y ago | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change s… | |||
| CVE-2018-6156 | critical | — | 9.5 | — | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | |||
| CVE-2018-1000222 | critical | — | 9.5 | — | Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted … | |||
| CVE-2018-19876 | critical | — | 9.5 | — | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid… | |||
| CVE-2018-19628 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. | |||
| CVE-2018-18649 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-6085 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18502 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |||
| CVE-2018-12369 | critical | — | 9.5 | — | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… | |||
| CVE-2018-18355 | critical | — | 9.5 | — | Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | |||
| CVE-2018-1000301 | critical | — | 9.5 | — | curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end o… | |||
| CVE-2018-6097 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-17481 | critical | — | 9.5 | — | Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||
| CVE-2018-12365 | critical | — | 9.5 | — | A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private l… | |||
| CVE-2018-18335 | critical | — | 9.5 | — | Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-6095 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12403 | critical | — | 9.5 | — | If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63. | |||
| CVE-2018-5711 | critical | — | 9.5 | — | gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an in… | |||
| CVE-2018-1050 | critical | — | 9.5 | — | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on … | |||
| CVE-2018-17466 | critical | — | 9.5 | — | Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||
| CVE-2018-5188 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could… | |||
| CVE-2018-12392 | critical | — | 9.5 | — | When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects… | |||
| CVE-2018-17474 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-5152 | critical | — | 9.5 | — | WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For exa… | |||
| CVE-2018-5187 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to ru… | |||
| CVE-2018-12390 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |||
| CVE-2018-12387 | critical | — | 9.5 | — | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… | |||
| CVE-2018-18349 | critical | — | 9.5 | — | Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to acce… | |||
| CVE-2018-18500 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a pote… | |||
| CVE-2018-12397 | critical | — | 9.5 | — | A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to … | |||
| CVE-2018-18358 | critical | — | 9.5 | — | Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. | |||
| CVE-2018-17470 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18504 | critical | — | 9.5 | — | A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possi… | |||
| CVE-2018-15688 | critical | — | 9.5 | — | multiple issues in systemd | |||
| CVE-2018-18342 | critical | — | 9.5 | — | Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker t… | |||
| CVE-2018-17475 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-18336 | critical | — | 9.5 | — | Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||
| CVE-2018-18354 | critical | — | 9.5 | — | Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page. | |||
| CVE-2018-18505 | critical | — | 9.5 | — | An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This … | |||
| CVE-2018-18344 | critical | — | 9.5 | — | Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to a… | |||
| CVE-2018-5173 | critical | — | 9.5 | — | The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially exe… | |||
| CVE-2018-5175 | critical | — | 9.5 | — | A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could i… | |||
| CVE-2018-5176 | critical | — | 9.5 | — | The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" link… | |||
| CVE-2018-5129 | critical | — | 9.5 | — | A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in th… | |||
| CVE-2018-18643 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-18353 | critical | — | 9.5 | — | Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an aut… | |||
| CVE-2018-12356 | critical | — | 9.5 | — | multiple issues in firefox | |||
| CVE-2018-5178 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-17462 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-20346 | critical | — | 9.5 | — | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow… | |||
| CVE-2018-12373 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5181 | critical | — | 9.5 | — | If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to p… | |||
| CVE-2018-5180 | critical | — | 9.5 | — | A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief… | |||
| CVE-2018-18340 | critical | — | 9.5 | — | Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2018-12370 | critical | — | 9.5 | — | In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, … | |||
| CVE-2018-18646 | critical | — | 9.5 | — | multiple issues in gitlab | |||
| CVE-2018-5183 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5162 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-5186 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… | |||
| CVE-2018-12360 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulne… | |||
| CVE-2018-12358 | critical | — | 9.5 | — | Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability … | |||
| CVE-2018-6106 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12359 | critical | — | 9.5 | — | A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundari… | |||
| CVE-2018-12379 | critical | — | 9.5 | — | When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running t… | |||
| CVE-2018-12372 | critical | — | 9.5 | — | multiple issues in thunderbird | |||
| CVE-2018-6099 | critical | — | 9.5 | — | multiple issues in chromium | |||
| CVE-2018-12378 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploita… | |||
| CVE-2018-12385 | critical | — | 9.5 | — | A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… | |||
| CVE-2018-12388 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |||
| CVE-2018-12386 | critical | — | 9.5 | — | A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… | |||
| CVE-2018-12377 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exp… | |||
| CVE-2018-12402 | critical | — | 9.5 | — | The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For exampl… |