CVEs from 2018
Total
3,719
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.1%
% with KEV
2.4%
% with exploit
2.4%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-5730 | medium | — | 5.5 | — | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerd… | |
| CVE-2018-14882 | medium | — | 5.5 | — | The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. | |
| CVE-2018-14469 | medium | — | 5.5 | — | The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). | |
| CVE-2018-10779 | medium | — | 5.5 | — | TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. | |
| CVE-2018-10103 | medium | — | 5.5 | — | tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). | |
| CVE-2018-6540 | medium | — | 5.5 | — | In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a… | |
| CVE-2018-12543 | medium | — | 5.5 | — | In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is published to Mosquitto that has a topic starting with $, but that is not $SYS, e.g. $test/test, then an assert is triggered that … | |
| CVE-2018-5296 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of… | |
| CVE-2018-20797 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPr… | |
| CVE-2018-11256 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and appli… | |
| CVE-2018-11254 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a… | |
| CVE-2018-1303 | medium | — | 5.5 | — | multiple issues in apache | |
| CVE-2018-1301 | medium | — | 5.5 | — | multiple issues in apache | |
| CVE-2018-5206 | medium | — | 5.5 | — | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | |
| CVE-2018-1125 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is comp… | |
| CVE-2018-1000007 | medium | — | 5.5 | — | libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the hos… | |
| CVE-2018-5709 | medium | — | 5.5 | — | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assig… | |
| CVE-2018-16228 | medium | — | 5.5 | — | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | |
| CVE-2018-7548 | medium | — | 5.5 | — | In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result. | |
| CVE-2018-14320 | medium | — | 5.5 | — | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must … | |
| CVE-2018-5207 | medium | — | 5.5 | — | When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | |
| CVE-2018-11805 | medium | — | 5.5 | — | In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In additio… | |
| CVE-2018-14881 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). | |
| CVE-2018-8002 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vu… | |
| CVE-2018-5783 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial… | |
| CVE-2018-12983 | medium | — | 5.5 | — | A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via … | |
| CVE-2018-19532 | medium | — | 5.5 | — | A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It all… | |
| CVE-2018-14468 | medium | — | 5.5 | — | The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | |
| CVE-2018-16451 | medium | — | 5.5 | — | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. | |
| CVE-2018-12607 | medium | — | 5.5 | — | multiple issues in gitlab | |
| CVE-2018-12606 | medium | — | 5.5 | — | multiple issues in gitlab | |
| CVE-2018-16855 | medium | — | 5.5 | — | An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a pack… | |
| CVE-2018-6459 | medium | — | 5.5 | — | The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that… | |
| CVE-2018-7727 | medium | — | 5.5 | — | An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack. | |
| CVE-2018-20103 | medium | — | 5.5 | — | An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a lon… | |
| CVE-2018-20102 | medium | — | 5.5 | — | An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 … | |
| CVE-2018-12327 | medium | — | 5.5 | — | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IP… | |
| CVE-2018-5205 | medium | — | 5.5 | — | When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. | |
| CVE-2018-16452 | medium | — | 5.5 | — | The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | |
| CVE-2018-16230 | medium | — | 5.5 | — | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | |
| CVE-2018-1000005 | medium | — | 5.5 | — | libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess… | |
| CVE-2018-1311 | medium | — | 5.5 | — | The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library… | |
| CVE-2018-13405 | medium | — | 5.5 | — | The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certai… | |
| CVE-2018-19661 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | |
| CVE-2018-19591 | medium | — | 5.5 | — | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related t… | |
| CVE-2018-17478 | medium | — | 5.5 | — | information disclosure in chromium | |
| CVE-2018-5208 | medium | — | 5.5 | — | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | |
| CVE-2018-5738 | medium | — | 5.5 | — | Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND names… | |
| CVE-2018-5737 | medium | — | 5.5 | — | A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction … | |
| CVE-2018-17144 | medium | — | 5.5 | — | Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitabl… | |
| CVE-2018-5736 | medium | — | 5.5 | — | An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. … | |
| CVE-2018-1124 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can creat… | |
| CVE-2018-11255 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and applic… | |
| CVE-2018-20751 | medium | — | 5.5 | — | An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject(… | |
| CVE-2018-25306 | medium | 5.5 | 5.5 | 29d ago | PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmen… | |
| CVE-2018-25267 | medium | 5.5 | 5.5 | 1mo ago | UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attacker… | |
| CVE-2018-17828 | medium | — | 5.5 | 7mo ago | Moderate: zziplib security update | |
| CVE-2018-15209 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |
| CVE-2018-18624 | medium | — | 5.5 | 4y ago | Moderate: grafana security, bug fix, and enhancement update | |
| CVE-2018-7260 | medium | — | 5.5 | 4y ago | Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |
| CVE-2018-13258 | medium | — | 5.5 | 4y ago | Mediawiki tarball is missing .htaccess files | |
| CVE-2018-1000120 | medium | — | 5.5 | 4y ago | curl FTP path confusion leads to NIL byte out of bounds write | |
| CVE-2018-1999043 | medium | — | 5.5 | 4y ago | Missing Release of Resource after Effective Lifetime in Jenkins | |
| CVE-2018-0503 | medium | — | 5.5 | 4y ago | Mediawiki Improper Privilege Management | |
| CVE-2018-0505 | medium | — | 5.5 | 4y ago | Mediawiki BotPassword can bypass CentralAuth's account lock | |
| CVE-2018-14773 | medium | — | 5.5 | 4y ago | An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises … | |
| CVE-2018-14040 | medium | — | 5.5 | 4y ago | Bootstrap vulnerable to Cross-Site Scripting (XSS) | |
| CVE-2018-20845 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |
| CVE-2018-5727 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |
| CVE-2018-5785 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |
| CVE-2018-20847 | medium | — | 5.5 | 5y ago | Moderate: openjpeg2 security update | |
| CVE-2018-25013 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |
| CVE-2018-25012 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |
| CVE-2018-25009 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |
| CVE-2018-25014 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |
| CVE-2018-25010 | medium | — | 5.5 | 5y ago | Moderate: libwebp security update | |
| CVE-2018-21247 | medium | — | 5.5 | 5y ago | Moderate: libvncserver security update | |
| CVE-2018-17199 | medium | — | 5.5 | 5y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |
| CVE-2018-20843 | medium | — | 5.5 | 6y ago | In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enoug… | |
| CVE-2018-17189 | medium | — | 5.5 | 6y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |
| CVE-2018-11782 | medium | — | 5.5 | 6y ago | Moderate: subversion:1.10 security update | |
| CVE-2018-21035 | medium | — | 5.5 | 6y ago | Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update | |
| CVE-2018-14553 | medium | — | 5.5 | 6y ago | Moderate: gd security update | |
| CVE-2018-1000858 | medium | — | 5.5 | 6y ago | Moderate: gnupg2 security, bug fix, and enhancement update | |
| CVE-2018-20337 | medium | — | 5.5 | 6y ago | Moderate: GNOME security, bug fix, and enhancement update | |
| CVE-2018-11684 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |
| CVE-2018-11577 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |
| CVE-2018-11685 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |
| CVE-2018-12085 | medium | — | 5.5 | 6y ago | Moderate: liblouis security and bug fix update | |
| CVE-2018-19872 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |
| CVE-2018-19869 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |
| CVE-2018-19871 | medium | — | 5.5 | 6y ago | Moderate: qt5 security, bug fix, and enhancement update | |
| CVE-2018-13139 | medium | — | 5.5 | 6y ago | Moderate: libsndfile security update | |
| CVE-2018-19662 | medium | — | 5.5 | 6y ago | Moderate: libsndfile security update | |
| CVE-2018-20783 | medium | — | 5.5 | 6y ago | Moderate: php:7.2 security, bug fix, and enhancement update | |
| CVE-2018-20852 | medium | — | 5.5 | 6y ago | Moderate: python27:2.7 security, bug fix, and enhancement update | |
| CVE-2018-4868 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2018-9305 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2018-17229 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2018-19607 | medium | — | 5.5 | 6y ago | Moderate: exiv2 security, bug fix, and enhancement update |