CVEs from 2018
Total
3,289
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.8%
% with KEV
2.7%
% with exploit
2.8%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-19932 | high | — | 8.0 | — | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINE… | |
| CVE-2018-18557 | high | — | 8.0 | — | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) de… | |
| CVE-2018-1000156 | high | — | 8.0 | — | GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear … | |
| CVE-2018-8794 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even… | |
| CVE-2018-6126 | high | — | 8.0 | — | A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |
| CVE-2018-1120 | high | — | 8.0 | — | A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can ca… | |
| CVE-2018-3615 | high | — | 8.0 | — | Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enc… | |
| CVE-2018-20199 | high | — | 8.0 | — | A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash… | |
| CVE-2018-14360 | high | — | 8.0 | — | An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage. | |
| CVE-2018-1000879 | high | — | 8.0 | — | libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c… | |
| CVE-2018-6149 | high | — | 8.0 | — | arbitrary code execution in chromium | |
| CVE-2018-14355 | high | — | 8.0 | — | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles ".." directory traversal in a mailbox name. | |
| CVE-2018-20592 | high | — | 8.0 | — | In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted … | |
| CVE-2018-14351 | high | — | 8.0 | — | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/command.c mishandles a long IMAP status mailbox literal count size. | |
| CVE-2018-20177 | high | — | 8.0 | — | rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even … | |
| CVE-2018-1046 | high | — | 8.0 | — | pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-base… | |
| CVE-2018-16839 | high | — | 8.0 | — | Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. | |
| CVE-2018-18226 | high | — | 8.0 | — | In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approa… | |
| CVE-2018-7889 | high | — | 8.0 | — | gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Pyt… | |
| CVE-2018-14361 | high | — | 8.0 | — | An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. | |
| CVE-2018-14359 | high | — | 8.0 | — | An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data. | |
| CVE-2018-25011 | high | — | 8.0 | — | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | |
| CVE-2018-12356 | high | — | 8.0 | — | An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, … | |
| CVE-2018-11377 | high | — | 8.0 | — | The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | |
| CVE-2018-8897 | high | — | 8.0 | — | A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, result… | |
| CVE-2018-19039 | high | — | 8.0 | — | arbitrary filesystem access in grafana | |
| CVE-2018-6574 | high | — | 8.0 | 4y ago | Remote command execution via "go get" command with cgo in cmd/go | |
| CVE-2018-16873 | high | — | 8.0 | 4y ago | Remote command execution via "go get" with "-u" flag in cmd/go | |
| CVE-2018-16874 | high | — | 8.0 | 4y ago | Directory traversal via "go get" command in cmd/go | |
| CVE-2018-16875 | high | — | 8.0 | 4y ago | Denial of service in chain verification in crypto/x509 | |
| CVE-2018-20303 | high | — | 8.0 | 4y ago | Gogs Directory Traversal | |
| CVE-2018-1999006 | high | — | 8.0 | 4y ago | Exposure of Sensitive Information to an Unauthorized Actor in Jenkins | |
| CVE-2018-7408 | high | — | 8.0 | 4y ago | An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's bl… | |
| CVE-2018-1999002 | high | — | 8.0 | 4y ago | Improper Input Validation in Jenkins | |
| CVE-2018-1999007 | high | — | 8.0 | 4y ago | Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin | |
| CVE-2018-1999004 | high | — | 8.0 | 4y ago | Incorrect Authorization in Jenkins | |
| CVE-2018-1999005 | high | — | 8.0 | 4y ago | Improper Neutralization of Input During Web Page Generation in Jenkins | |
| CVE-2018-1999001 | high | — | 8.0 | 4y ago | Improper Input Validation in Jenkins | |
| CVE-2018-1999003 | high | — | 8.0 | 4y ago | Incorrect Authorization in Jenkins | |
| CVE-2018-25032 | high | — | 8.0 | 4y ago | Important: mingw-zlib security update | |
| CVE-2018-8037 | high | — | 8.0 | 8y ago | Apache Tomcat Race Condition vulnerability | |
| CVE-2018-8034 | high | — | 8.0 | 8y ago | The host name verification missing in Apache Tomcat | |
| CVE-2018-8014 | high | — | 8.0 | 8y ago | The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins | |
| CVE-2018-11784 | high | — | 8.0 | 8y ago | Apache Tomcat Open Redirect vulnerability | |
| CVE-2018-12086 | high | — | 8.0 | 8y ago | Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. | |
| CVE-2018-25302 | high | 7.8 | 7.8 | 29d ago | Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a ma… | |
| CVE-2018-25261 | high | 7.8 | 7.8 | 1mo ago | Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious… | |
| CVE-2018-25260 | high | 7.8 | 7.8 | 1mo ago | MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. A… | |
| CVE-2018-25259 | high | 7.8 | 7.8 | 1mo ago | Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception… | |
| CVE-2018-25213 | high | 7.8 | 7.8 | 2mo ago | Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. At… | |
| CVE-2018-6400 | high | 7.8 | 7.8 | 8y ago | Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecur… | |
| CVE-2018-25374 | high | 7.5 | 7.5 | 3d ago | Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers … | |
| CVE-2018-25368 | high | 7.5 | 7.5 | 3d ago | Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca… | |
| CVE-2018-25365 | high | 7.5 | 7.5 | 3d ago | PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat… | |
| CVE-2018-25358 | high | 7.5 | 7.5 | 5d ago | D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST req… | |
| CVE-2018-25329 | high | 7.5 | 7.5 | 11d ago | WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attack… | |
| CVE-2018-25326 | high | 7.5 | 7.5 | 11d ago | Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parame… | |
| CVE-2018-25325 | high | 7.5 | 7.5 | 11d ago | Woocommerce CSV Importer 3.3.6 contains a path traversal vulnerability that allows any registered user to delete arbitrary files by submitting unescaped filenames through the delete_export_file AJAX … | |
| CVE-2018-17958 | high | 7.5 | 7.5 | 8y ago | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | |
| CVE-2018-25381 | high | 7.1 | 7.1 | 3d ago | Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can injec… | |
| CVE-2018-25380 | high | 7.1 | 7.1 | 3d ago | Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_s… | |
| CVE-2018-25352 | high | 7.1 | 7.1 | 5d ago | WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code th… | |
| CVE-2018-25347 | high | 7.1 | 7.1 | 5d ago | WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generete_csv_f… | |
| CVE-2018-25346 | high | 7.1 | 7.1 | 5d ago | WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMa… | |
| CVE-2018-25319 | high | 7.1 | 7.1 | 11d ago | Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents_id parameter. Att… | |
| CVE-2018-25207 | high | 7.1 | 7.1 | 2mo ago | Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POS… | |
| CVE-2018-8956 | low | — | 2.5 | — | ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packet… | |
| CVE-2018-0737 | low | — | 2.5 | — | The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key gen… | |
| CVE-2018-6942 | low | — | 2.5 | — | An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. | |
| CVE-2018-0735 | low | — | 2.5 | — | The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in O… | |
| CVE-2018-0734 | low | — | 2.5 | — | The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in Ope… | |
| CVE-2018-5388 | low | — | 2.5 | — | In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | |
| CVE-2018-13259 | low | — | 2.5 | — | An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one. | |
| CVE-2018-0732 | low | — | 2.5 | — | During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long pe… | |
| CVE-2018-7175 | low | — | 2.5 | — | An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components. | |
| CVE-2018-0502 | low | — | 2.5 | — | An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. | |
| CVE-2018-9055 | low | — | 2.5 | — | denial of service in jasper | |
| CVE-2018-1071 | low | — | 2.5 | — | zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service. | |
| CVE-2018-12558 | low | — | 2.5 | — | The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that c… | |
| CVE-2018-7173 | low | — | 2.5 | — | A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding. | |
| CVE-2018-7453 | low | — | 2.5 | — | Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | |
| CVE-2018-7452 | low | — | 2.5 | — | A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | |
| CVE-2018-10932 | low | — | 2.5 | — | lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the … | |
| CVE-2018-9234 | low | — | 2.5 | — | GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with acce… | |
| CVE-2018-7455 | low | — | 2.5 | — | An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | |
| CVE-2018-7174 | low | — | 2.5 | — | An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams. | |
| CVE-2018-20225 | low | — | 2.5 | — | arbitrary code execution in python-pip | |
| CVE-2018-7454 | low | — | 2.5 | — | A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | |
| CVE-2018-20482 | low | — | 2.5 | — | GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c)… | |
| CVE-2018-18445 | low | — | 2.5 | — | In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min… | |
| CVE-2018-12699 | low | — | 2.5 | 2y ago | Low: binutils security update | |
| CVE-2018-20673 | low | — | 2.5 | 5y ago | Low: gcc security and bug fix update | |
| CVE-2018-7263 | low | — | 2.5 | 6y ago | Low: GStreamer, libmad, and SDL security, bug fix, and enhancement update | |
| CVE-2018-19841 | low | — | 2.5 | 6y ago | Low: wavpack security update | |
| CVE-2018-19840 | low | — | 2.5 | 6y ago | Low: wavpack security update | |
| CVE-2018-10392 | low | — | 2.5 | 7y ago | Low: libvorbis security update | |
| CVE-2018-10393 | low | — | 2.5 | 7y ago | Low: libvorbis security update | |
| CVE-2018-18751 | low | — | 2.5 | 7y ago | Low: gettext security update | |
| CVE-2018-14634 | unknown | — | 1.5 | 4mo ago | An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate … | |
| CVE-2018-14667 | unknown | — | 1.5 | 4y ago | Richfaces vulnerable to arbitrary code execution |