CVEs from 2018
Total
3,419
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.6%
% with KEV
2.6%
% with exploit
2.7%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-12407 | critical | — | 9.5 | — | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially explo… | |
| CVE-2018-18350 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12360 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulne… | |
| CVE-2018-6086 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5147 | critical | — | 9.5 | — | The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firef… | |
| CVE-2018-6097 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6113 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5169 | critical | — | 9.5 | — | If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the hom… | |
| CVE-2018-18504 | critical | — | 9.5 | — | A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possi… | |
| CVE-2018-5183 | critical | — | 9.5 | — | Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerabil… | |
| CVE-2018-18359 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-0202 | critical | — | 9.5 | — | clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is… | |
| CVE-2018-1000085 | critical | — | 9.5 | — | ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit cha… | |
| CVE-2018-12358 | critical | — | 9.5 | — | Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability … | |
| CVE-2018-18643 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-18352 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12366 | critical | — | 9.5 | — | An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability af… | |
| CVE-2018-12376 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to … | |
| CVE-2018-18356 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6117 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18358 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18497 | critical | — | 9.5 | — | Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argumen… | |
| CVE-2018-15686 | critical | — | 9.5 | — | A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution an… | |
| CVE-2018-20346 | critical | — | 9.5 | — | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow… | |
| CVE-2018-11362 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing… | |
| CVE-2018-5173 | critical | — | 9.5 | — | The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially exe… | |
| CVE-2018-5175 | critical | — | 9.5 | — | A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could i… | |
| CVE-2018-6090 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-1057 | critical | — | 9.5 | — | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' … | |
| CVE-2018-5176 | critical | — | 9.5 | — | The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" link… | |
| CVE-2018-6088 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6087 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18340 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6112 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12386 | critical | — | 9.5 | — | A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… | |
| CVE-2018-12397 | critical | — | 9.5 | — | A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to … | |
| CVE-2018-11357 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | |
| CVE-2018-11358 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre… | |
| CVE-2018-11360 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu… | |
| CVE-2018-19622 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. | |
| CVE-2018-19625 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. | |
| CVE-2018-6100 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18649 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-19626 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. | |
| CVE-2018-6085 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17477 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17464 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17470 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6098 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18343 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18641 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-18348 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18357 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6106 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5144 | critical | — | 9.5 | — | An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. | |
| CVE-2018-6104 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5157 | critical | — | 9.5 | — | Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing… | |
| CVE-2018-5168 | critical | — | 9.5 | — | Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without… | |
| CVE-2018-1000300 | critical | — | 9.5 | — | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based me… | |
| CVE-2018-12388 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-12399 | critical | — | 9.5 | — | When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approvin… | |
| CVE-2018-12401 | critical | — | 9.5 | — | Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnera… | |
| CVE-2018-10933 | critical | — | 9.5 | — | A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unautho… | |
| CVE-2018-5152 | critical | — | 9.5 | — | WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For exa… | |
| CVE-2018-5153 | critical | — | 9.5 | — | If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating serve… | |
| CVE-2018-5711 | critical | — | 9.5 | — | gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an in… | |
| CVE-2018-12361 | critical | — | 9.5 | — | An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which resul… | |
| CVE-2018-12359 | critical | — | 9.5 | — | A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundari… | |
| CVE-2018-18494 | critical | — | 9.5 | — | A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This i… | |
| CVE-2018-18500 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a pote… | |
| CVE-2018-18501 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |
| CVE-2018-5145 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary cod… | |
| CVE-2018-17481 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-15688 | critical | — | 9.5 | — | A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and includin… | |
| CVE-2018-5151 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |
| CVE-2018-12362 | critical | — | 9.5 | — | An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects … | |
| CVE-2018-12373 | critical | — | 9.5 | — | dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. | |
| CVE-2018-12385 | critical | — | 9.5 | — | A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… | |
| CVE-2018-12363 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a… | |
| CVE-2018-18495 | critical | — | 9.5 | — | WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading … | |
| CVE-2018-11359 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | |
| CVE-2018-12406 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-11235 | critical | — | 9.5 | — | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project… | |
| CVE-2018-12387 | critical | — | 9.5 | — | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… | |
| CVE-2018-11361 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. | |
| CVE-2018-18355 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18354 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18347 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18338 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18353 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18351 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18337 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17473 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17471 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18349 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18346 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18335 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18345 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17476 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18342 | critical | — | 9.5 | — | multiple issues in chromium |