CVEs from 2018
Total
3,719
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.1%
% with KEV
2.4%
% with exploit
2.4%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-17480 | critical | — | 10.0 | 4y ago | multiple issues in chromium | |
| CVE-2018-17463 | critical | — | 10.0 | 4y ago | multiple issues in chromium | |
| CVE-2018-7602 | critical | — | 10.0 | 8y ago | A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site. | |
| CVE-2018-7600 | critical | — | 10.0 | 8y ago | Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. | |
| CVE-2018-25357 | critical | 9.8 | 9.8 | 5d ago | Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter. Attackers ca… | |
| CVE-2018-25350 | critical | 9.8 | 9.8 | 5d ago | userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. At… | |
| CVE-2018-25335 | critical | 9.8 | 9.8 | 11d ago | WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint.… | |
| CVE-2018-25332 | critical | 9.8 | 9.8 | 11d ago | GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file uploa… | |
| CVE-2018-25320 | critical | 9.8 | 9.8 | 11d ago | ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can … | |
| CVE-2018-25318 | critical | 9.8 | 9.8 | 29d ago | Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers ca… | |
| CVE-2018-25317 | critical | 9.8 | 9.8 | 29d ago | Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… | |
| CVE-2018-25316 | critical | 9.8 | 9.8 | 29d ago | Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send… | |
| CVE-2018-25272 | critical | 9.8 | 9.8 | 1mo ago | ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to … | |
| CVE-2018-5159 | critical | — | 9.5 | — | An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially e… | |
| CVE-2018-15686 | critical | — | 9.5 | — | A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution an… | |
| CVE-2018-12395 | critical | — | 9.5 | — | By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are o… | |
| CVE-2018-5167 | critical | — | 9.5 | — | The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be … | |
| CVE-2018-5168 | critical | — | 9.5 | — | Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without… | |
| CVE-2018-5166 | critical | — | 9.5 | — | WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have exp… | |
| CVE-2018-1050 | critical | — | 9.5 | — | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on … | |
| CVE-2018-6095 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12387 | critical | — | 9.5 | — | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… | |
| CVE-2018-12373 | critical | — | 9.5 | — | dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. | |
| CVE-2018-5127 | critical | — | 9.5 | — | A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR… | |
| CVE-2018-5164 | critical | — | 9.5 | — | Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block… | |
| CVE-2018-12362 | critical | — | 9.5 | — | An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects … | |
| CVE-2018-12374 | critical | — | 9.5 | — | Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. | |
| CVE-2018-12407 | critical | — | 9.5 | — | A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially explo… | |
| CVE-2018-12406 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-18645 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-18344 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-15688 | critical | — | 9.5 | — | A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and includin… | |
| CVE-2018-5169 | critical | — | 9.5 | — | If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the hom… | |
| CVE-2018-5147 | critical | — | 9.5 | — | The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firef… | |
| CVE-2018-18495 | critical | — | 9.5 | — | WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading … | |
| CVE-2018-6114 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12388 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-18640 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-5151 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… | |
| CVE-2018-12371 | critical | — | 9.5 | — | An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting i… | |
| CVE-2018-6112 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-10528 | critical | — | 9.5 | — | An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp. | |
| CVE-2018-12365 | critical | — | 9.5 | — | A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private l… | |
| CVE-2018-5150 | critical | — | 9.5 | — | Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of the… | |
| CVE-2018-5157 | critical | — | 9.5 | — | Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing… | |
| CVE-2018-12367 | critical | — | 9.5 | — | In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTimi… | |
| CVE-2018-12364 | critical | — | 9.5 | — | NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious sit… | |
| CVE-2018-5144 | critical | — | 9.5 | — | An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. | |
| CVE-2018-18493 | critical | — | 9.5 | — | A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in … | |
| CVE-2018-18648 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-12369 | critical | — | 9.5 | — | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… | |
| CVE-2018-11359 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. | |
| CVE-2018-1000222 | critical | — | 9.5 | — | Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted … | |
| CVE-2018-5188 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could… | |
| CVE-2018-5178 | critical | — | 9.5 | — | A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy ex… | |
| CVE-2018-12385 | critical | — | 9.5 | — | A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… | |
| CVE-2018-5163 | critical | — | 9.5 | — | If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode… | |
| CVE-2018-12363 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a… | |
| CVE-2018-6086 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-11357 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. | |
| CVE-2018-5186 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… | |
| CVE-2018-11358 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre… | |
| CVE-2018-12405 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |
| CVE-2018-17470 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18641 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-18502 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-12372 | critical | — | 9.5 | — | Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. | |
| CVE-2018-11354 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. | |
| CVE-2018-6117 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6113 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6097 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18643 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-18646 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-6111 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6103 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6108 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6107 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6104 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6102 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17467 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12383 | critical | — | 9.5 | — | If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… | |
| CVE-2018-11361 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey. | |
| CVE-2018-10529 | critical | — | 9.5 | — | An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. | |
| CVE-2018-5155 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, … | |
| CVE-2018-12396 | critical | — | 9.5 | — | A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites w… | |
| CVE-2018-20346 | critical | — | 9.5 | — | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow… | |
| CVE-2018-18497 | critical | — | 9.5 | — | Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argumen… | |
| CVE-2018-6109 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18336 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12402 | critical | — | 9.5 | — | The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For exampl… | |
| CVE-2018-5129 | critical | — | 9.5 | — | A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in th… | |
| CVE-2018-11235 | critical | — | 9.5 | — | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project… | |
| CVE-2018-12370 | critical | — | 9.5 | — | In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, … | |
| CVE-2018-12397 | critical | — | 9.5 | — | A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to … | |
| CVE-2018-19627 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. | |
| CVE-2018-19624 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. | |
| CVE-2018-19626 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination. | |
| CVE-2018-12386 | critical | — | 9.5 | — | A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… | |
| CVE-2018-17464 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-1057 | critical | — | 9.5 | — | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' … |