CVEs from 2018
Total
3,156
critical
critical 228
high
high 272
medium
medium 224
low
low 32
% Critical
7.2%
% with KEV
2.8%
% with exploit
4.0%
Top vendors
Top products
- modicon_m221 6
- erpnext 4
- somachine_basic 2
- modicon_m340 2
- modicon_m580 2
- 140cpu67160 1
- 140cpu65160s 1
- terminal_services_manager 1
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1000121 | medium | — | 5.5 | — | A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service | |||
| CVE-2018-1000007 | medium | — | 5.5 | — | libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the hos… | |||
| CVE-2018-1126 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. | |||
| CVE-2018-7549 | medium | — | 5.5 | — | In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p. | |||
| CVE-2018-7725 | medium | — | 5.5 | — | An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial … | |||
| CVE-2018-6381 | medium | — | 5.5 | — | In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk… | |||
| CVE-2018-6459 | medium | — | 5.5 | — | The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that… | |||
| CVE-2018-1122 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege esca… | |||
| CVE-2018-9251 | medium | — | 5.5 | — | The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERR… | |||
| CVE-2018-16376 | medium | — | 5.5 | — | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may… | |||
| CVE-2018-10105 | medium | — | 5.5 | — | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). | |||
| CVE-2018-16229 | medium | — | 5.5 | — | The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | |||
| CVE-2018-8002 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vu… | |||
| CVE-2018-19532 | medium | — | 5.5 | — | A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It all… | |||
| CVE-2018-20103 | medium | — | 5.5 | — | An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a lon… | |||
| CVE-2018-1333 | medium | — | 5.5 | — | denial of service in apache | |||
| CVE-2018-14464 | medium | — | 5.5 | — | The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | |||
| CVE-2018-7548 | medium | — | 5.5 | — | In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result. | |||
| CVE-2018-5729 | medium | — | 5.5 | — | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container ch… | |||
| CVE-2018-12982 | medium | — | 5.5 | — | Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file. | |||
| CVE-2018-18384 | medium | — | 5.5 | — | Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is… | |||
| CVE-2018-16855 | medium | — | 5.5 | — | An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a pack… | |||
| CVE-2018-19432 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. | |||
| CVE-2018-1000035 | medium | — | 5.5 | — | A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve co… | |||
| CVE-2018-1302 | medium | — | 5.5 | — | multiple issues in apache | |||
| CVE-2018-8011 | medium | — | 5.5 | — | denial of service in apache | |||
| CVE-2018-18520 | medium | — | 5.5 | — | An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes… | |||
| CVE-2018-12606 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2018-8001 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly… | |||
| CVE-2018-5208 | medium | — | 5.5 | — | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | |||
| CVE-2018-10195 | medium | — | 5.5 | — | lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around. | |||
| CVE-2018-1124 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can creat… | |||
| CVE-2018-5736 | medium | — | 5.5 | — | An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. … | |||
| CVE-2018-5738 | medium | — | 5.5 | — | Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND names… | |||
| CVE-2018-16230 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | |||
| CVE-2018-16452 | medium | — | 5.5 | — | The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | |||
| CVE-2018-19661 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | |||
| CVE-2018-14879 | medium | — | 5.5 | — | The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). | |||
| CVE-2018-20102 | medium | — | 5.5 | — | An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 … | |||
| CVE-2018-7727 | medium | — | 5.5 | — | An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. | |||
| CVE-2018-16451 | medium | — | 5.5 | — | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. | |||
| CVE-2018-14468 | medium | — | 5.5 | — | The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | |||
| CVE-2018-5783 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial… | |||
| CVE-2018-12607 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2018-12983 | medium | — | 5.5 | — | A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via … | |||
| CVE-2018-14881 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). | |||
| CVE-2018-5207 | medium | — | 5.5 | — | When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | |||
| CVE-2018-5709 | medium | — | 5.5 | — | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assig… | |||
| CVE-2018-14469 | medium | — | 5.5 | — | The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). | |||
| CVE-2018-5730 | medium | — | 5.5 | — | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerd… | |||
| CVE-2018-8000 | medium | — | 5.5 | — | multiple issues in podofo | |||
| CVE-2018-11805 | medium | — | 5.5 | — | In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In additio… | |||
| CVE-2018-0739 | medium | — | 5.5 | — | Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of … | |||
| CVE-2018-1000135 | medium | — | 5.5 | — | GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, w… | |||
| CVE-2018-20846 | medium | — | 5.5 | — | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to caus… | |||
| CVE-2018-14463 | medium | — | 5.5 | — | The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | |||
| CVE-2018-16300 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. | |||
| CVE-2018-25306 | medium | 5.5 | 5.5 | 1mo ago | PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmen… | |||
| CVE-2018-25267 | medium | 5.5 | 5.5 | 1mo ago | UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attacker… | |||
| CVE-2018-17828 | medium | — | 5.5 | 7mo ago | Moderate: zziplib security update | |||
| CVE-2018-15209 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2018-18624 | medium | — | 5.5 | 4y ago | Moderate: grafana security, bug fix, and enhancement update | |||
| CVE-2018-7260 | medium | — | 5.5 | 4y ago | Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||
| CVE-2018-13258 | medium | — | 5.5 | 4y ago | Mediawiki tarball is missing .htaccess files | |||
| CVE-2018-1000120 | medium | — | 5.5 | 4y ago | curl FTP path confusion leads to NIL byte out of bounds write | |||
| CVE-2018-1999043 | medium | — | 5.5 | 4y ago | Missing Release of Resource after Effective Lifetime in Jenkins | |||
| CVE-2018-0503 | medium | — | 5.5 | 4y ago | Mediawiki Improper Privilege Management | |||
| CVE-2018-0505 | medium | — | 5.5 | 4y ago | Mediawiki BotPassword can bypass CentralAuth's account lock | |||
| CVE-2018-14773 | medium | — | 5.5 | 4y ago | An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises … | |||
| CVE-2018-14040 | medium | — | 5.5 | 4y ago | Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update | |||
| CVE-2018-5727 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-20845 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-20847 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-5785 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |||
| CVE-2018-25013 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25014 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25010 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25009 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-25012 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |||
| CVE-2018-21247 | medium | — | 5.5 | 5y ago | Moderate: libvncserver security update | |||
| CVE-2018-17199 | medium | — | 5.5 | 5y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |||
| CVE-2018-20843 | medium | — | 5.5 | 6y ago | In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enoug… | |||
| CVE-2018-17189 | medium | — | 5.5 | 6y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |||
| CVE-2018-11782 | medium | — | 5.5 | 6y ago | Moderate: subversion:1.10 security update | |||
| CVE-2018-21035 | medium | — | 5.5 | 6y ago | Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update | |||
| CVE-2018-14553 | medium | — | 5.5 | 6y ago | Moderate: gd security update | |||
| CVE-2018-1000858 | medium | — | 5.5 | 6y ago | Moderate: gnupg2 security, bug fix, and enhancement update | |||
| CVE-2018-20337 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |||
| CVE-2018-12085 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-11685 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-11684 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-11577 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |||
| CVE-2018-19872 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |||
| CVE-2018-19869 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |||
| CVE-2018-19871 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |||
| CVE-2018-13139 | medium | — | 5.5 | 6y ago | Moderate: libsndfile security update | |||
| CVE-2018-19662 | medium | — | 5.5 | 6y ago | Moderate: libsndfile security update | |||
| CVE-2018-20783 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |||
| CVE-2018-20852 | medium | — | 5.5 | 6y ago | Moderate: python27:2.7 security, bug fix, and enhancement update | |||
| CVE-2018-9304 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update |