CVEs from 2018
Total
3,288
critical
critical 226
high
high 266
medium
medium 224
low
low 32
% Critical
6.9%
% with KEV
2.7%
% with exploit
2.8%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-18643 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-18646 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-5172 | critical | — | 9.5 | — | The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site… | |
| CVE-2018-5169 | critical | — | 9.5 | — | If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the hom… | |
| CVE-2018-12396 | critical | — | 9.5 | — | A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites w… | |
| CVE-2018-6086 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12407 | critical | — | 9.5 | — | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially explo… | |
| CVE-2018-12402 | critical | — | 9.5 | — | The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For exampl… | |
| CVE-2018-12369 | critical | — | 9.5 | — | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… | |
| CVE-2018-6116 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12406 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-12385 | critical | — | 9.5 | — | A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… | |
| CVE-2018-12373 | critical | — | 9.5 | — | dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. | |
| CVE-2018-12362 | critical | — | 9.5 | — | An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects … | |
| CVE-2018-5186 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… | |
| CVE-2018-15687 | critical | — | 9.5 | — | multiple issues in systemd | |
| CVE-2018-5187 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to ru… | |
| CVE-2018-5183 | critical | — | 9.5 | — | Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerabil… | |
| CVE-2018-18492 | critical | — | 9.5 | — | A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. T… | |
| CVE-2018-5162 | critical | — | 9.5 | — | Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | |
| CVE-2018-17481 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18641 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-17464 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17477 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5158 | critical | — | 9.5 | 4y ago | Malicious PDF can inject JavaScript into PDF Viewer | |
| CVE-2018-6789 | high | — | 9.5 | 5y ago | Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution. | |
| CVE-2018-10895 | critical | — | 9.5 | 8y ago | qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/s… | |
| CVE-2018-25353 | high | 8.8 | 8.8 | 5d ago | Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accou… | |
| CVE-2018-25308 | high | 8.8 | 8.8 | 29d ago | BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attack… | |
| CVE-2018-3885 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by para… | |
| CVE-2018-3884 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and s… | |
| CVE-2018-3883 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and … | |
| CVE-2018-3882 | high | 8.8 | 8.8 | 8y ago | An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield p… | |
| CVE-2018-25377 | high | 8.4 | 8.4 | 3d ago | Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception ha… | |
| CVE-2018-25376 | high | 8.4 | 8.4 | 3d ago | Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling… | |
| CVE-2018-25375 | high | 8.4 | 8.4 | 3d ago | SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception ha… | |
| CVE-2018-25366 | high | 8.4 | 8.4 | 3d ago | CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p… | |
| CVE-2018-25360 | high | 8.4 | 8.4 | 3d ago | AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured ex… | |
| CVE-2018-25359 | high | 8.4 | 8.4 | 3d ago | Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can … | |
| CVE-2018-25373 | high | 8.4 | 8.4 | 3d ago | SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting … | |
| CVE-2018-25356 | high | 8.4 | 8.4 | 5d ago | SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can tri… | |
| CVE-2018-25345 | high | 8.4 | 8.4 | 5d ago | 10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft… | |
| CVE-2018-25344 | high | 8.4 | 8.4 | 5d ago | 10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering … | |
| CVE-2018-25355 | high | 8.4 | 8.4 | 5d ago | Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious … | |
| CVE-2018-25328 | high | 8.4 | 8.4 | 11d ago | VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craf… | |
| CVE-2018-25323 | high | 8.4 | 8.4 | 11d ago | Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payl… | |
| CVE-2018-25322 | high | 8.4 | 8.4 | 11d ago | Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can… | |
| CVE-2018-25315 | high | 8.4 | 8.4 | 29d ago | Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can… | |
| CVE-2018-25314 | high | 8.4 | 8.4 | 29d ago | Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Na… | |
| CVE-2018-25307 | high | 8.4 | 8.4 | 29d ago | SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key… | |
| CVE-2018-25304 | high | 8.4 | 8.4 | 29d ago | Free Download Manager 2.0 Build 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploita… | |
| CVE-2018-25303 | high | 8.4 | 8.4 | 29d ago | Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exce… | |
| CVE-2018-25301 | high | 8.4 | 8.4 | 29d ago | Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious userna… | |
| CVE-2018-25299 | high | 8.4 | 8.4 | 29d ago | Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malici… | |
| CVE-2018-25222 | high | 8.4 | 8.4 | 2mo ago | SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft ma… | |
| CVE-2018-25372 | high | 8.2 | 8.2 | 3d ago | MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email param… | |
| CVE-2018-25371 | high | 8.2 | 8.2 | 3d ago | mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality… | |
| CVE-2018-25364 | high | 8.2 | 8.2 | 3d ago | Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can sub… | |
| CVE-2018-25362 | high | 8.2 | 8.2 | 3d ago | Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit unio… | |
| CVE-2018-25379 | high | 8.2 | 8.2 | 3d ago | Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attacke… | |
| CVE-2018-25351 | high | 8.2 | 8.2 | 5d ago | Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the usernam… | |
| CVE-2018-25348 | high | 8.2 | 8.2 | 5d ago | Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attacker… | |
| CVE-2018-25342 | high | 8.2 | 8.2 | 5d ago | Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in sear… | |
| CVE-2018-25341 | high | 8.2 | 8.2 | 5d ago | Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET … | |
| CVE-2018-25340 | high | 8.2 | 8.2 | 5d ago | Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET … | |
| CVE-2018-25339 | high | 8.2 | 8.2 | 11d ago | Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the… | |
| CVE-2018-25338 | high | 8.2 | 8.2 | 11d ago | Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit th… | |
| CVE-2018-25333 | high | 8.2 | 8.2 | 11d ago | Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … | |
| CVE-2018-25330 | high | 8.2 | 8.2 | 11d ago | Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. At… | |
| CVE-2018-25300 | high | 8.2 | 8.2 | 29d ago | XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers c… | |
| CVE-2018-25206 | high | 8.2 | 8.2 | 2mo ago | KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'my_item_search' parameter in edit.php. Attackers can submit POST requests with malici… | |
| CVE-2018-25203 | high | 8.2 | 8.2 | 2mo ago | Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers c… | |
| CVE-2018-6544 | high | — | 8.0 | — | pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of servi… | |
| CVE-2018-18647 | high | — | 8.0 | — | multiple issues in gitlab | |
| CVE-2018-1120 | high | — | 8.0 | — | A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can ca… | |
| CVE-2018-1000877 | high | — | 8.0 | — | libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_form… | |
| CVE-2018-18066 | high | — | 8.0 | — | snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UD… | |
| CVE-2018-11383 | high | — | 8.0 | — | The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in … | |
| CVE-2018-14056 | high | — | 8.0 | — | ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. | |
| CVE-2018-16853 | high | — | 8.0 | — | Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba T… | |
| CVE-2018-8799 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault). | |
| CVE-2018-8800 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution. | |
| CVE-2018-8797 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. | |
| CVE-2018-8796 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault). | |
| CVE-2018-8794 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even… | |
| CVE-2018-8793 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. | |
| CVE-2018-8795 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probabl… | |
| CVE-2018-8792 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault). | |
| CVE-2018-20180 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably … | |
| CVE-2018-20179 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even… | |
| CVE-2018-17182 | high | — | 8.0 | — | An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possib… | |
| CVE-2018-20181 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably e… | |
| CVE-2018-20177 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even … | |
| CVE-2018-20182 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote c… | |
| CVE-2018-20176 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault). | |
| CVE-2018-7182 | high | — | 8.0 | — | The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 t… | |
| CVE-2018-3615 | high | — | 8.0 | — | Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enc… | |
| CVE-2018-20005 | high | — | 8.0 | — | An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc. | |
| CVE-2018-9846 | high | — | 8.0 | — | In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mb… | |
| CVE-2018-1046 | high | — | 8.0 | — | pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-base… |