CVEs from 2018
Total
3,719
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.1%
% with KEV
2.4%
% with exploit
2.4%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-17463 | critical | — | 10.0 | 4y ago | multiple issues in chromium | |
| CVE-2018-17480 | critical | — | 10.0 | 4y ago | multiple issues in chromium | |
| CVE-2018-7602 | critical | — | 10.0 | 8y ago | A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site. | |
| CVE-2018-7600 | critical | — | 10.0 | 8y ago | Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. | |
| CVE-2018-25357 | critical | 9.8 | 9.8 | 5d ago | Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter. Attackers ca… | |
| CVE-2018-25350 | critical | 9.8 | 9.8 | 5d ago | userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. At… | |
| CVE-2018-25335 | critical | 9.8 | 9.8 | 11d ago | WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint.… | |
| CVE-2018-25332 | critical | 9.8 | 9.8 | 11d ago | GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file uploa… | |
| CVE-2018-25320 | critical | 9.8 | 9.8 | 11d ago | ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can … | |
| CVE-2018-25318 | critical | 9.8 | 9.8 | 29d ago | Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers ca… | |
| CVE-2018-25317 | critical | 9.8 | 9.8 | 29d ago | Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient se… | |
| CVE-2018-25316 | critical | 9.8 | 9.8 | 29d ago | Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send… | |
| CVE-2018-25272 | critical | 9.8 | 9.8 | 1mo ago | ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to … | |
| CVE-2018-6117 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5156 | critical | — | 9.5 | — | A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potent… | |
| CVE-2018-17470 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5169 | critical | — | 9.5 | — | If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the hom… | |
| CVE-2018-17477 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18506 | critical | — | 9.5 | — | When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to … | |
| CVE-2018-12392 | critical | — | 9.5 | — | When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects… | |
| CVE-2018-1000300 | critical | — | 9.5 | — | curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based me… | |
| CVE-2018-19623 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. T… | |
| CVE-2018-5154 | critical | — | 9.5 | — | A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < … | |
| CVE-2018-12388 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2018-18643 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-6097 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-11355 | critical | — | 9.5 | — | In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks. | |
| CVE-2018-6103 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5179 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5172 | critical | — | 9.5 | — | The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site… | |
| CVE-2018-6099 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6102 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17468 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-11354 | critical | — | 9.5 | — | In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling. | |
| CVE-2018-17464 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-19876 | critical | — | 9.5 | — | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid… | |
| CVE-2018-5152 | critical | — | 9.5 | — | WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For exa… | |
| CVE-2018-5186 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… | |
| CVE-2018-5153 | critical | — | 9.5 | — | If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating serve… | |
| CVE-2018-17466 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-1050 | critical | — | 9.5 | — | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on … | |
| CVE-2018-18509 | critical | — | 9.5 | — | A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signatur… | |
| CVE-2018-5185 | critical | — | 9.5 | — | Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | |
| CVE-2018-18353 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18342 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18335 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6090 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17476 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18345 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6113 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6107 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6111 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18338 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18343 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18349 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18354 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5168 | critical | — | 9.5 | — | Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without… | |
| CVE-2018-6108 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-17465 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6116 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18347 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-6104 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18351 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18357 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5157 | critical | — | 9.5 | — | Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing… | |
| CVE-2018-17469 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18352 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5183 | critical | — | 9.5 | — | Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerabil… | |
| CVE-2018-18344 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18356 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5162 | critical | — | 9.5 | — | Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | |
| CVE-2018-6086 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5147 | critical | — | 9.5 | — | The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firef… | |
| CVE-2018-18348 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5159 | critical | — | 9.5 | — | An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially e… | |
| CVE-2018-18337 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18646 | critical | — | 9.5 | — | multiple issues in gitlab | |
| CVE-2018-17471 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-5170 | critical | — | 9.5 | — | It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. Thi… | |
| CVE-2018-17473 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18492 | critical | — | 9.5 | — | A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. T… | |
| CVE-2018-5161 | critical | — | 9.5 | — | Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. | |
| CVE-2018-5187 | critical | — | 9.5 | — | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to ru… | |
| CVE-2018-18339 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18359 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18355 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18346 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-18497 | critical | — | 9.5 | — | Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argumen… | |
| CVE-2018-18350 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2018-12377 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exp… | |
| CVE-2018-12378 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploita… | |
| CVE-2018-12390 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enoug… | |
| CVE-2018-11235 | critical | — | 9.5 | — | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project… | |
| CVE-2018-11360 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu… | |
| CVE-2018-12387 | critical | — | 9.5 | — | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… | |
| CVE-2018-11356 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in … | |
| CVE-2018-11358 | critical | — | 9.5 | — | In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet pre… | |
| CVE-2018-6156 | critical | — | 9.5 | — | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | |
| CVE-2018-5711 | critical | — | 9.5 | — | gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an in… | |
| CVE-2018-19622 | critical | — | 9.5 | — | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. |