CVEs from 2018
Total
3,179
critical
critical 228
high
high 291
medium
medium 229
low
low 32
% Critical
7.2%
% with KEV
2.8%
% with exploit
4.0%
Top vendors
Top products
- modicon_m221 6
- erpnext 4
- somachine_basic 2
- modicon_m340 2
- modicon_m580 2
- 140cpu67160 1
- 140cpu65160s 1
- terminal_services_manager 1
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14879 | medium | — | 5.5 | — | The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). | |||
| CVE-2018-1000122 | medium | — | 5.5 | — | A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | |||
| CVE-2018-20797 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPr… | |||
| CVE-2018-11256 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and appli… | |||
| CVE-2018-5709 | medium | — | 5.5 | — | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assig… | |||
| CVE-2018-5207 | medium | — | 5.5 | — | When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | |||
| CVE-2018-8002 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vu… | |||
| CVE-2018-6459 | medium | — | 5.5 | — | The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that… | |||
| CVE-2018-1125 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is comp… | |||
| CVE-2018-7548 | medium | — | 5.5 | — | In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result. | |||
| CVE-2018-11805 | medium | — | 5.5 | — | In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In additio… | |||
| CVE-2018-1000005 | medium | — | 5.5 | — | libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess… | |||
| CVE-2018-12606 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2018-1311 | medium | — | 5.5 | — | The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library… | |||
| CVE-2018-1124 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can creat… | |||
| CVE-2018-13405 | medium | — | 5.5 | — | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certai… | |||
| CVE-2018-5208 | medium | — | 5.5 | — | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | |||
| CVE-2018-17478 | medium | — | 5.5 | — | information disclosure in chromium | |||
| CVE-2018-19591 | medium | — | 5.5 | — | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related t… | |||
| CVE-2018-19661 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | |||
| CVE-2018-20103 | medium | — | 5.5 | — | An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a lon… | |||
| CVE-2018-5737 | medium | — | 5.5 | — | A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction … | |||
| CVE-2018-5738 | medium | — | 5.5 | — | Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND names… | |||
| CVE-2018-16230 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | |||
| CVE-2018-16452 | medium | — | 5.5 | — | The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | |||
| CVE-2018-12327 | medium | — | 5.5 | — | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IP… | |||
| CVE-2018-16451 | medium | — | 5.5 | — | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. | |||
| CVE-2018-14468 | medium | — | 5.5 | — | The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | |||
| CVE-2018-19532 | medium | — | 5.5 | — | A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It all… | |||
| CVE-2018-6484 | medium | — | 5.5 | — | In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of se… | |||
| CVE-2018-6869 | medium | — | 5.5 | — | In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a den… | |||
| CVE-2018-7726 | medium | — | 5.5 | — | An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service … | |||
| CVE-2018-19758 | medium | — | 5.5 | — | There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | |||
| CVE-2018-18384 | medium | — | 5.5 | — | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is… | |||
| CVE-2018-1302 | medium | — | 5.5 | — | multiple issues in apache | |||
| CVE-2018-8011 | medium | — | 5.5 | — | denial of service in apache | |||
| CVE-2018-14467 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). | |||
| CVE-2018-14466 | medium | — | 5.5 | — | The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | |||
| CVE-2018-16227 | medium | — | 5.5 | — | The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. | |||
| CVE-2018-14461 | medium | — | 5.5 | — | The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | |||
| CVE-2018-10105 | medium | — | 5.5 | — | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). | |||
| CVE-2018-11255 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and applic… | |||
| CVE-2018-20751 | medium | — | 5.5 | — | An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject(… | |||
| CVE-2018-5308 | medium | — | 5.5 | — | PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-… | |||
| CVE-2018-14465 | medium | — | 5.5 | — | The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | |||
| CVE-2018-14462 | medium | — | 5.5 | — | The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | |||
| CVE-2018-14880 | medium | — | 5.5 | — | The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). | |||
| CVE-2018-14470 | medium | — | 5.5 | — | The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). | |||
| CVE-2018-14644 | medium | — | 5.5 | — | An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DN… | |||
| CVE-2018-5206 | medium | — | 5.5 | — | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | |||
| CVE-2018-6954 | medium | — | 5.5 | — | multiple issues in systemd | |||
| CVE-2018-16866 | medium | — | 5.5 | — | multiple issues in systemd | |||
| CVE-2018-16228 | medium | — | 5.5 | — | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | |||
| CVE-2018-10851 | medium | — | 5.5 | — | PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed rec… | |||
| CVE-2018-14626 | medium | — | 5.5 | — | PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of ser… | |||
| CVE-2018-14320 | medium | — | 5.5 | — | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must … | |||
| CVE-2018-12983 | medium | — | 5.5 | — | A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via … | |||
| CVE-2018-12607 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2018-25306 | medium | 5.5 | 5.5 | 1mo ago | PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmen… | |||
| CVE-2018-25267 | medium | 5.5 | 5.5 | 1mo ago | UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attacker… | |||
| CVE-2018-17828 | medium | — | 5.5 | 7mo ago | Moderate: zziplib security update | |||
| CVE-2018-15209 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2018-18624 | medium | — | 5.5 | 4y ago | Moderate: grafana security, bug fix, and enhancement update | |||
| CVE-2018-7260 | medium | — | 5.5 | 4y ago | Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||
| CVE-2018-13258 | medium | — | 5.5 | 4y ago | Mediawiki tarball is missing .htaccess files | |||
| CVE-2018-1000120 | medium | — | 5.5 | 4y ago | curl FTP path confusion leads to NIL byte out of bounds write | |||
| CVE-2018-1999043 | medium | — | 5.5 | 4y ago | Missing Release of Resource after Effective Lifetime in Jenkins | |||
| CVE-2018-0503 | medium | — | 5.5 | 4y ago | Mediawiki Improper Privilege Management | |||
| CVE-2018-0505 | medium | — | 5.5 | 4y ago | Mediawiki BotPassword can bypass CentralAuth's account lock | |||
| CVE-2018-14773 | medium | — | 5.5 | 4y ago | An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises … | |||
| CVE-2018-14040 | medium | — | 5.5 | 4y ago | Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update | |||
| CVE-2018-5727 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-20847 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-20845 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-5785 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-25013 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25014 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25010 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25012 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25009 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-21247 | medium | — | 5.5 | 5y ago | Moderate: libvncserver security update | |||
| CVE-2018-17199 | medium | — | 5.5 | 5y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |||
| CVE-2018-20843 | medium | — | 5.5 | 6y ago | In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enoug… | |||
| CVE-2018-17189 | medium | — | 5.5 | 6y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |||
| CVE-2018-11782 | medium | — | 5.5 | 6y ago | Moderate: subversion:1.10 security update | |||
| CVE-2018-21035 | medium | — | 5.5 | 6y ago | Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update | |||
| CVE-2018-14553 | medium | — | 5.5 | 6y ago | Moderate: gd security update | |||
| CVE-2018-1000858 | medium | — | 5.5 | 6y ago | Moderate: gnupg2 security, bug fix, and enhancement update | |||
| CVE-2018-20337 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |||
| CVE-2018-11577 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-11685 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-12085 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-11684 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-19872 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |||
| CVE-2018-19871 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |||
| CVE-2018-19869 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |||
| CVE-2018-19662 | medium | — | 5.5 | 6y ago | Moderate: libsndfile security update | |||
| CVE-2018-13139 | medium | — | 5.5 | 6y ago | Moderate: libsndfile security update | |||
| CVE-2018-20783 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |||
| CVE-2018-20852 | medium | — | 5.5 | 6y ago | Moderate: python27:2.7 security, bug fix, and enhancement update |