CVEs from 2018
Total
3,719
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.1%
% with KEV
2.4%
% with exploit
2.4%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-10859 | high | — | 8.0 | — | git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key… | |
| CVE-2018-1000115 | high | — | 8.0 | — | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial … | |
| CVE-2018-1000001 | high | — | 8.0 | — | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | |
| CVE-2018-1999023 | high | — | 8.0 | — | The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appe… | |
| CVE-2018-1000051 | high | — | 8.0 | — | Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a … | |
| CVE-2018-6187 | high | — | 8.0 | — | In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cau… | |
| CVE-2018-5686 | high | — | 8.0 | — | In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered. Remote attackers could leverage this vul… | |
| CVE-2018-6192 | high | — | 8.0 | — | In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. | |
| CVE-2018-6544 | high | — | 8.0 | — | pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of servi… | |
| CVE-2018-7050 | high | — | 8.0 | — | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | |
| CVE-2018-7051 | high | — | 8.0 | — | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings. | |
| CVE-2018-14361 | high | — | 8.0 | — | An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data. | |
| CVE-2018-11383 | high | — | 8.0 | — | The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in … | |
| CVE-2018-11382 | high | — | 8.0 | — | The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | |
| CVE-2018-11381 | high | — | 8.0 | — | The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | |
| CVE-2018-11375 | high | — | 8.0 | — | The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | |
| CVE-2018-11380 | high | — | 8.0 | — | The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file. | |
| CVE-2018-11384 | high | — | 8.0 | — | The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | |
| CVE-2018-16151 | high | — | 8.0 | — | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded al… | |
| CVE-2018-14325 | high | — | 8.0 | — | multiple issues in libmp4v2 | |
| CVE-2018-14403 | high | — | 8.0 | — | multiple issues in libmp4v2 | |
| CVE-2018-6149 | high | — | 8.0 | — | arbitrary code execution in chromium | |
| CVE-2018-6148 | high | — | 8.0 | — | access restriction bypass in chromium | |
| CVE-2018-7409 | high | — | 8.0 | — | In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c. | |
| CVE-2018-11210 | high | — | 8.0 | — | TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use … | |
| CVE-2018-5745 | high | — | 8.0 | — | "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the manage… | |
| CVE-2018-6574 | high | — | 8.0 | 4y ago | Remote command execution via "go get" command with cgo in cmd/go | |
| CVE-2018-16873 | high | — | 8.0 | 4y ago | Remote command execution via "go get" with "-u" flag in cmd/go | |
| CVE-2018-16874 | high | — | 8.0 | 4y ago | Directory traversal via "go get" command in cmd/go | |
| CVE-2018-16875 | high | — | 8.0 | 4y ago | Denial of service in chain verification in crypto/x509 | |
| CVE-2018-20303 | high | — | 8.0 | 4y ago | Gogs Directory Traversal | |
| CVE-2018-1999006 | high | — | 8.0 | 4y ago | Exposure of Sensitive Information to an Unauthorized Actor in Jenkins | |
| CVE-2018-7408 | high | — | 8.0 | 4y ago | An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's bl… | |
| CVE-2018-1999004 | high | — | 8.0 | 4y ago | Incorrect Authorization in Jenkins | |
| CVE-2018-1999002 | high | — | 8.0 | 4y ago | Improper Input Validation in Jenkins | |
| CVE-2018-1999007 | high | — | 8.0 | 4y ago | Cross-site scripting vulnerability exists in Jenkins and Stapler Plugin | |
| CVE-2018-1999005 | high | — | 8.0 | 4y ago | Improper Neutralization of Input During Web Page Generation in Jenkins | |
| CVE-2018-1999001 | high | — | 8.0 | 4y ago | Improper Input Validation in Jenkins | |
| CVE-2018-1999003 | high | — | 8.0 | 4y ago | Incorrect Authorization in Jenkins | |
| CVE-2018-25032 | high | — | 8.0 | 4y ago | Important: mingw-zlib security update | |
| CVE-2018-8037 | high | — | 8.0 | 8y ago | Apache Tomcat Race Condition vulnerability | |
| CVE-2018-8034 | high | — | 8.0 | 8y ago | The host name verification missing in Apache Tomcat | |
| CVE-2018-8014 | high | — | 8.0 | 8y ago | Important: pki-deps:10.6 security update | |
| CVE-2018-11784 | high | — | 8.0 | 8y ago | Apache Tomcat Open Redirect vulnerability | |
| CVE-2018-12086 | high | — | 8.0 | 8y ago | Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. | |
| CVE-2018-25302 | high | 7.8 | 7.8 | 29d ago | Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a ma… | |
| CVE-2018-25261 | high | 7.8 | 7.8 | 1mo ago | Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious… | |
| CVE-2018-25260 | high | 7.8 | 7.8 | 1mo ago | MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. A… | |
| CVE-2018-25259 | high | 7.8 | 7.8 | 1mo ago | Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception… | |
| CVE-2018-25213 | high | 7.8 | 7.8 | 2mo ago | Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. At… | |
| CVE-2018-6400 | high | 7.8 | 7.8 | 8y ago | Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecur… | |
| CVE-2018-25374 | high | 7.5 | 7.5 | 3d ago | Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers … | |
| CVE-2018-25368 | high | 7.5 | 7.5 | 3d ago | Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca… | |
| CVE-2018-25365 | high | 7.5 | 7.5 | 3d ago | PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat… | |
| CVE-2018-25358 | high | 7.5 | 7.5 | 5d ago | D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST req… | |
| CVE-2018-25329 | high | 7.5 | 7.5 | 11d ago | WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attack… | |
| CVE-2018-25326 | high | 7.5 | 7.5 | 11d ago | Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parame… | |
| CVE-2018-25325 | high | 7.5 | 7.5 | 11d ago | Woocommerce CSV Importer 3.3.6 contains a path traversal vulnerability that allows any registered user to delete arbitrary files by submitting unescaped filenames through the delete_export_file AJAX … | |
| CVE-2018-17958 | high | 7.5 | 7.5 | 8y ago | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | |
| CVE-2018-25381 | high | 7.1 | 7.1 | 3d ago | Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can injec… | |
| CVE-2018-25380 | high | 7.1 | 7.1 | 3d ago | Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_s… | |
| CVE-2018-25352 | high | 7.1 | 7.1 | 5d ago | WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code th… | |
| CVE-2018-25347 | high | 7.1 | 7.1 | 5d ago | WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generete_csv_f… | |
| CVE-2018-25346 | high | 7.1 | 7.1 | 5d ago | WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMa… | |
| CVE-2018-25319 | high | 7.1 | 7.1 | 11d ago | Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents_id parameter. Att… | |
| CVE-2018-25207 | high | 7.1 | 7.1 | 2mo ago | Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POS… | |
| CVE-2018-25361 | medium | 6.8 | 6.8 | 3d ago | Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption k… | |
| CVE-2018-10622 | medium | 6.8 | 6.8 | 8y ago | Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data. | |
| CVE-2018-25312 | medium | 6.5 | 6.5 | 29d ago | LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interfac… | |
| CVE-2018-25311 | medium | 6.5 | 6.5 | 29d ago | VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path trav… | |
| CVE-2018-25378 | medium | 6.2 | 6.2 | 3d ago | Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can crea… | |
| CVE-2018-25369 | medium | 6.2 | 6.2 | 3d ago | Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious p… | |
| CVE-2018-25367 | medium | 6.2 | 6.2 | 3d ago | NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can tri… | |
| CVE-2018-25324 | medium | 6.2 | 6.2 | 11d ago | Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspat… | |
| CVE-2018-25313 | medium | 6.2 | 6.2 | 29d ago | SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can in… | |
| CVE-2018-25305 | medium | 6.2 | 6.2 | 29d ago | librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the… | |
| CVE-2018-25349 | medium | 6.1 | 6.1 | 5d ago | userSpice 4.3.24 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the X-Forwarded-For HTTP header. Attackers can send crafted requests to the ba… | |
| CVE-2018-25331 | medium | 6.1 | 6.1 | 11d ago | Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attac… | |
| CVE-2018-25309 | medium | 6.1 | 6.1 | 29d ago | MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can creat… | |
| CVE-2018-25269 | medium | 6.1 | 6.1 | 1mo ago | ICEWARP 10.3.4 and 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object and embed … | |
| CVE-2018-25247 | medium | 6.1 | 6.1 | 2mo ago | MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that disp… | |
| CVE-2018-18384 | medium | — | 5.5 | — | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is… | |
| CVE-2018-11805 | medium | — | 5.5 | — | In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In additio… | |
| CVE-2018-1000122 | medium | — | 5.5 | — | A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | |
| CVE-2018-6954 | medium | — | 5.5 | — | systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of … | |
| CVE-2018-20797 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPr… | |
| CVE-2018-5296 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of… | |
| CVE-2018-1122 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege esca… | |
| CVE-2018-19432 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. | |
| CVE-2018-14467 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). | |
| CVE-2018-14466 | medium | — | 5.5 | — | The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | |
| CVE-2018-16227 | medium | — | 5.5 | — | The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. | |
| CVE-2018-14461 | medium | — | 5.5 | — | The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | |
| CVE-2018-12327 | medium | — | 5.5 | — | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IP… | |
| CVE-2018-1124 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can creat… | |
| CVE-2018-14626 | medium | — | 5.5 | — | PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of ser… | |
| CVE-2018-17144 | medium | — | 5.5 | — | Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitabl… | |
| CVE-2018-5208 | medium | — | 5.5 | — | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | |
| CVE-2018-19591 | medium | — | 5.5 | — | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related t… | |
| CVE-2018-11255 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and applic… |