| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-1000199 |
388 |
|
Exec Code Mem. Corr. |
2018-05-24 |
2018-06-27 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. |
|
2 |
CVE-2018-18357 |
20 |
|
|
2018-12-11 |
2018-12-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
3 |
CVE-2018-18355 |
20 |
|
|
2018-12-11 |
2018-12-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
4 |
CVE-2018-18353 |
18 |
|
|
2018-12-11 |
2018-12-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page. |
|
5 |
CVE-2018-18352 |
264 |
|
Bypass |
2018-12-11 |
2018-12-20 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page. |
|
6 |
CVE-2018-18351 |
20 |
|
Bypass |
2018-12-11 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page. |
|
7 |
CVE-2018-18350 |
19 |
|
Bypass |
2018-12-11 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. |
|
8 |
CVE-2018-18349 |
264 |
|
|
2018-12-11 |
2019-01-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. |
|
9 |
CVE-2018-18348 |
20 |
|
|
2018-12-11 |
2018-12-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. |
|
10 |
CVE-2018-18345 |
254 |
|
Bypass |
2018-12-11 |
2018-12-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page. |
|
11 |
CVE-2018-18344 |
20 |
|
|
2018-12-11 |
2019-01-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension. |
|
12 |
CVE-2018-17477 |
20 |
|
|
2018-11-14 |
2018-12-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page. |
|
13 |
CVE-2018-17476 |
20 |
|
|
2018-11-14 |
2018-12-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. |
|
14 |
CVE-2018-17475 |
20 |
|
|
2018-11-14 |
2018-12-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. |
|
15 |
CVE-2018-17471 |
20 |
|
|
2018-11-14 |
2018-12-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. |
|
16 |
CVE-2018-17470 |
119 |
|
Overflow |
2019-01-09 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
|
17 |
CVE-2018-17468 |
200 |
|
+Info |
2018-11-14 |
2018-12-19 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page. |
|
18 |
CVE-2018-17467 |
20 |
|
|
2018-11-14 |
2018-12-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. |
|
19 |
CVE-2018-16542 |
388 |
|
|
2018-09-05 |
2018-11-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. |
|
20 |
CVE-2018-16435 |
190 |
|
Overflow |
2018-09-03 |
2018-11-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. |
|
21 |
CVE-2018-16082 |
125 |
|
|
2019-01-09 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
|
22 |
CVE-2018-16067 |
416 |
|
|
2019-01-09 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
23 |
CVE-2018-16066 |
416 |
|
|
2019-01-09 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
24 |
CVE-2018-14659 |
400 |
|
DoS |
2018-10-31 |
2018-12-07 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and create an arbitrary number of files in the server's runtime directory. |
|
25 |
CVE-2018-14652 |
119 |
|
DoS Overflow |
2018-10-31 |
2018-12-31 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service. |
|
26 |
CVE-2018-14646 |
476 |
|
DoS |
2018-11-26 |
2018-12-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. |
|
27 |
CVE-2018-12824 |
125 |
|
|
2018-08-29 |
2018-10-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
28 |
CVE-2018-12385 |
20 |
|
|
2018-10-18 |
2018-12-06 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2. |
|
29 |
CVE-2018-12379 |
787 |
|
|
2018-10-18 |
2018-12-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. |
|
30 |
CVE-2018-12374 |
200 |
|
+Info |
2018-10-18 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
|
31 |
CVE-2018-12373 |
200 |
|
+Info |
2018-10-18 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
|
32 |
CVE-2018-12372 |
200 |
|
+Info |
2018-10-18 |
2018-12-26 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
|
33 |
CVE-2018-12366 |
125 |
|
|
2018-10-18 |
2018-12-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
|
34 |
CVE-2018-12365 |
200 |
|
+Info |
2018-10-18 |
2018-12-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
|
35 |
CVE-2018-11781 |
94 |
|
|
2018-09-17 |
2018-12-16 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. |
|
36 |
CVE-2018-10930 |
264 |
|
|
2018-09-04 |
2018-11-06 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. |
|
37 |
CVE-2018-10914 |
476 |
|
DoS |
2018-09-04 |
2018-11-14 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes. |
|
38 |
CVE-2018-10913 |
200 |
|
+Info |
2018-09-04 |
2018-11-14 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. |
|
39 |
CVE-2018-10902 |
415 |
|
+Priv |
2018-08-21 |
2019-01-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation. |
|
40 |
CVE-2018-10872 |
119 |
|
Overflow |
2018-07-10 |
2018-11-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE. |
|
41 |
CVE-2018-10845 |
310 |
|
|
2018-08-22 |
2018-11-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets. |
|
42 |
CVE-2018-10844 |
310 |
|
|
2018-08-22 |
2018-11-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets. |
|
43 |
CVE-2018-6179 |
200 |
|
+Info |
2019-01-09 |
2019-01-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. |
|
44 |
CVE-2018-6178 |
254 |
|
|
2019-01-09 |
2019-01-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension. |
|
45 |
CVE-2018-6175 |
19 |
|
|
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |
|
46 |
CVE-2018-6173 |
19 |
|
|
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |
|
47 |
CVE-2018-6172 |
19 |
|
|
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |
|
48 |
CVE-2018-6169 |
20 |
|
|
2019-01-09 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page. |
|
49 |
CVE-2018-6167 |
19 |
|
|
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |
|
50 |
CVE-2018-6166 |
19 |
|
|
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |
