CVE-2018-0xxx

There are 937 CVE in this subgroup.
Last updated: 
← Back to 2018
ID Summary Flags Max Score
CVE-2018-0001 Junos: Unauthenticated Remote Code Execution through J-Web interface
S
CVE-2018-0002 MX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled.
S
CVE-2018-0003 Junos OS: A crafted MPLS packet may lead to a kernel crash
S
CVE-2018-0004 Junos OS: Kernel Denial of Service Vulnerability
S
CVE-2018-0005 Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic.
S
CVE-2018-0006 Junos OS: bbe-smgd process denial of service while processing VLAN authentication requests/rejects
S
CVE-2018-0007 An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the loca...
M
CVE-2018-0008 Junos OS: commit script may allow unauthenticated root login upon reboot
S
CVE-2018-0009 SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured.
S
CVE-2018-0010 A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not hav...
S
CVE-2018-0011 Junos Space: Reflected XSS vulnerability in Junos Space management interface
S
CVE-2018-0012 Junos Space: Local privilege escalation vulnerability in Junos Space
S
CVE-2018-0013 Junos Space: Local File Inclusion Vulnerability
S
CVE-2018-0014 ScreenOS: Etherleak vulnerability found on ScreenOS device
S
CVE-2018-0015 AppFormix: Debug Shell Command Execution in AppFormix Agent
S
CVE-2018-0016 Junos OS: Kernel crash upon receipt of crafted CLNP datagrams
S
CVE-2018-0017 SRX Series: Denial of service vulnerability in flowd daemon on devices configured with NAT-PT
S
CVE-2018-0018 SRX Series: A crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies.
S
CVE-2018-0019 Junos: Denial of service vulnerability in SNMP MIB-II subagent daemon (mib2d).
S
CVE-2018-0020 Junos OS: rpd daemon cores due to malformed BGP UPDATE packet
S
CVE-2018-0021 Junos OS: Short MacSec keys may allow man-in-the-middle attacks.
S
CVE-2018-0022 Junos OS: Mbuf leak due to processing MPLS packets in VPLS network.
S
CVE-2018-0023 Junos Snapshot Administrator (JSNAPy) world writeable default configuration file permission
S
CVE-2018-0024 Junos OS: A privilege escalation vulnerability exists where authenticated users with shell access can become root
S
CVE-2018-0025 Junos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication
S
CVE-2018-0026 Junos OS: Stateless IP firewall filter rules stop working as expected after reboot or upgrade
S
CVE-2018-0027 Junos OS: Receipt of malformed RSVP packet may lead to RPD denial of service
S
CVE-2018-0029 Junos OS: Kernel crash (vmcore) during broadcast storm after enabling 'monitor traffic interface fxp0'
S
CVE-2018-0030 Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K: Line card may crash upon receipt of specific MPLS packet.
S
CVE-2018-0031 Junos OS: Receipt of specially crafted UDP packets over MPLS may bypass stateless IP firewall rules
S
CVE-2018-0032 Junos OS: RPD crash when receiving a crafted BGP UPDATE
S
CVE-2018-0034 Junos OS: A malicious crafted IPv6 DHCP packet may cause the JDHCPD daemon to core
S
CVE-2018-0035 Junos OS: QFX5200 and QFX10002: Unintended ONIE partition was shipped with certain Junos OS .bin and .iso images
S
CVE-2018-0037 Junos OS: RPD daemon crashes due to receipt of crafted BGP NOTIFICATION messages
S
CVE-2018-0038 Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabl...
CVE-2018-0039 Contrail Service Orchestration: Hardcoded credentials for Grafana service
S
CVE-2018-0040 Contrail Service Orchestration: hardcoded cryptographic certificates and keys
S
CVE-2018-0041 Contrail Service Orchestration: Hardcoded credentials for Keystone service.
S
CVE-2018-0042 Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an informatio...
CVE-2018-0043 Junos OS: RPD daemon crashes upon receipt of specific MPLS packet
S
CVE-2018-0044 NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS
S
CVE-2018-0045 Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration
S
CVE-2018-0046 Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS
S
CVE-2018-0047 Junos Space Security Director: XSS vulnerability in web administration
S
CVE-2018-0048 Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support.
S
CVE-2018-0049 Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.
S
CVE-2018-0050 Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash.
S
CVE-2018-0051 Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow daemon (flowd) related to SIP ALG
S
CVE-2018-0052 Junos OS: Unauthenticated remote root access possible when RSH service is enabled
S
CVE-2018-0053 vSRX Series: A local authentication vulnerability may lead to full control of a vSRX instance while the system is booting.
S
CVE-2018-0054 QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames
S
CVE-2018-0055 Junos OS: jdhcpd process crash during processing of specially crafted DHCPv6 message
S
CVE-2018-0056 MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interfaces
S
CVE-2018-0057 Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in with Option 50 (Requested IP Address)
S
CVE-2018-0058 MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Denial of Service
S
CVE-2018-0059 ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability
S
CVE-2018-0060 Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash
S
CVE-2018-0061 Junos OS: Denial of service in telnetd
S
CVE-2018-0062 Junos OS: Denial of Service in J-Web
S
CVE-2018-0063 Junos OS: Nexthop index allocation failed: private index space exhausted after incoming ARP requests to management interface
S
CVE-2018-0086 A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could all...
CVE-2018-0087 A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthent...
CVE-2018-0088 A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series ...
CVE-2018-0089 A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) cou...
CVE-2018-0090 A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS Syste...
CVE-2018-0091 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could ...
CVE-2018-0092 A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software cou...
CVE-2018-0093 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could al...
CVE-2018-0094 A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unau...
CVE-2018-0095 A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA)...
CVE-2018-0096 A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure ...
CVE-2018-0097 A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, r...
CVE-2018-0098 A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Acces...
CVE-2018-0099 A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow ...
CVE-2018-0100 A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an ...
CVE-2018-0101 A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security A...
E
CVE-2018-0102 A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent at...
CVE-2018-0103 A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Forma...
M
CVE-2018-0104 A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files co...
M
CVE-2018-0105 A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthen...
CVE-2018-0106 A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an un...
CVE-2018-0107 A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, ...
CVE-2018-0108 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to co...
CVE-2018-0109 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to acce...
CVE-2018-0110 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to acce...
CVE-2018-0111 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to ac...
CVE-2018-0112 A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meeting...
CVE-2018-0113 A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote at...
CVE-2018-0114 A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthentica...
E S
CVE-2018-0115 A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers co...
CVE-2018-0116 A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthentic...
CVE-2018-0117 A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-...
CVE-2018-0118 A vulnerability in the web-based management interface of Cisco Unified Communications Manager could ...
CVE-2018-0119 A vulnerability in certain authentication controls in the account services of Cisco Spark could allo...
CVE-2018-0120 A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenti...
CVE-2018-0121 A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic...
CVE-2018-0122 A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregatio...
CVE-2018-0123 A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow...
CVE-2018-0124 A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remot...
CVE-2018-0125 A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wire...
KEV
CVE-2018-0127 A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W ...
CVE-2018-0128 A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could...
CVE-2018-0129 A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could...
CVE-2018-0130 A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Servi...
CVE-2018-0131 A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE...
CVE-2018-0132 A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow a...
CVE-2018-0134 A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthentic...
CVE-2018-0135 A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacke...
CVE-2018-0136 A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregati...
S
CVE-2018-0137 A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated,...
CVE-2018-0138 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0139 A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Un...
CVE-2018-0140 A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security ...
CVE-2018-0141 A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthe...
CVE-2018-0143 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0144 A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager cou...
CVE-2018-0145 A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework a...
CVE-2018-0146 A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthentica...
CVE-2018-0147 A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to re...
KEV
CVE-2018-0148 A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integ...
CVE-2018-0149 A vulnerability in the web-based management interface of Cisco Integrated Management Controller Supe...
CVE-2018-0150 A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in t...
M
CVE-2018-0151 A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Sof...
KEV M
CVE-2018-0152 A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an aut...
CVE-2018-0153 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0154 A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) runni...
KEV
CVE-2018-0155 A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Cata...
KEV
CVE-2018-0156 A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could a...
KEV
CVE-2018-0157 A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthentica...
CVE-2018-0158 A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisc...
KEV
CVE-2018-0159 A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Ci...
KEV
CVE-2018-0160 A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software coul...
M
CVE-2018-0161 A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software run...
KEV M
CVE-2018-0163 A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software cou...
CVE-2018-0164 A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an u...
CVE-2018-0165 A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of ...
CVE-2018-0167 Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Ci...
KEV
CVE-2018-0169 Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo...
CVE-2018-0170 A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an un...
CVE-2018-0171 A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could a...
KEV
CVE-2018-0172 A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IO...
KEV
CVE-2018-0173 A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsula...
KEV
CVE-2018-0174 A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IO...
KEV
CVE-2018-0175 Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Softw...
KEV
CVE-2018-0176 Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo...
CVE-2018-0177 A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco...
CVE-2018-0178 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0179 Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could...
KEV
CVE-2018-0180 Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could...
KEV M
CVE-2018-0181 Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent Software Redis Server Unauthenticated Access Vulnerability
CVE-2018-0182 Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo...
CVE-2018-0183 A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attac...
CVE-2018-0184 A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attac...
CVE-2018-0185 Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo...
CVE-2018-0186 Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could all...
CVE-2018-0187 Cisco Identity Services Engine Privileged Account Sensitive Information Disclosure Vulnerability
CVE-2018-0188 Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could all...
CVE-2018-0189 A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE...
CVE-2018-0190 Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could all...
CVE-2018-0191 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0193 Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo...
CVE-2018-0194 Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, lo...
CVE-2018-0195 A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker ...
CVE-2018-0196 A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an aut...
CVE-2018-0197 Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability
CVE-2018-0198 A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthen...
CVE-2018-0199 A vulnerability in Cisco Jabber Client Framework (JCF) could allow an unauthenticated, remote attack...
CVE-2018-0200 A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthentic...
CVE-2018-0201 A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker...
CVE-2018-0202 clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remot...
S
CVE-2018-0203 A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote a...
CVE-2018-0204 A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an ...
CVE-2018-0205 A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool coul...
CVE-2018-0206 A vulnerability in the web-based management interface of Cisco Unified Communications Manager could ...
CVE-2018-0207 A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5...
CVE-2018-0208 A vulnerability in the web-based management interface of the (cloud based) Cisco Registered Envelope...
CVE-2018-0209 A vulnerability in the Simple Network Management Protocol (SNMP) subsystem communication channel thr...
CVE-2018-0210 A vulnerability in the web-based management interface of Cisco Data Center Network Manager could all...
CVE-2018-0211 A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authe...
CVE-2018-0212 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could ...
CVE-2018-0213 A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could...
CVE-2018-0214 A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authe...
CVE-2018-0215 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could ...
CVE-2018-0216 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could ...
CVE-2018-0217 A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregatio...
CVE-2018-0218 A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5...
CVE-2018-0219 A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Direct...
CVE-2018-0220 A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an...
CVE-2018-0221 A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an...
CVE-2018-0222 A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, r...
CVE-2018-0223 A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager co...
CVE-2018-0224 A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregatio...
CVE-2018-0225 The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL inje...
CVE-2018-0226 A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) acc...
CVE-2018-0227 A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate A...
CVE-2018-0228 A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA...
M
CVE-2018-0229 A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (S...
CVE-2018-0230 A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (F...
CVE-2018-0231 A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (...
CVE-2018-0233 A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection e...
CVE-2018-0234 A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in C...
CVE-2018-0235 A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (W...
CVE-2018-0236 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0237 A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) ...
CVE-2018-0238 A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing Sys...
CVE-2018-0239 A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system f...
CVE-2018-0240 Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Secu...
CVE-2018-0241 A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an una...
CVE-2018-0242 A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance co...
CVE-2018-0243 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0244 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0245 A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software...
CVE-2018-0246 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0247 A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) ...
CVE-2018-0248 Cisco Wireless LAN Controller Software GUI Configuration Denial of Service Vulnerabilities
CVE-2018-0249 A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Acc...
CVE-2018-0250 A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco A...
CVE-2018-0251 A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets La...
CVE-2018-0252 A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 850...
CVE-2018-0253 A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow ...
CVE-2018-0254 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0255 A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allo...
CVE-2018-0256 A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Ga...
CVE-2018-0257 A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers cou...
CVE-2018-0258 A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow...
CVE-2018-0259 A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthe...
CVE-2018-0260 A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attac...
CVE-2018-0262 A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unau...
CVE-2018-0263 A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to a...
CVE-2018-0264 A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) file...
CVE-2018-0265 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2018-0266 A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenti...
CVE-2018-0267 A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenti...
CVE-2018-0268 A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Ce...
CVE-2018-0269 A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) c...
CVE-2018-0270 A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) ...
CVE-2018-0271 A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allo...
CVE-2018-0272 A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could al...
M
CVE-2018-0273 A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 500...
CVE-2018-0274 A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authen...
CVE-2018-0275 A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an...
CVE-2018-0276 A vulnerability in Cisco WebEx Connect IM could allow an unauthenticated, remote attacker to conduct...
CVE-2018-0277 A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certifi...
CVE-2018-0278 A vulnerability in the management console of Cisco Firepower System Software could allow an unauthen...
CVE-2018-0279 A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Soft...
CVE-2018-0280 A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting ...
CVE-2018-0281 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0282 Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability
CVE-2018-0283 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0284 Cisco Meraki Local Status Page Privilege Escalation Vulnerability
CVE-2018-0285 A vulnerability in service logging for Cisco Prime Service Catalog could allow an authenticated, rem...
CVE-2018-0286 A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, re...
CVE-2018-0287 A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) file...
CVE-2018-0288 A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote ...
CVE-2018-0289 A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticat...
CVE-2018-0290 A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacke...
CVE-2018-0291 A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-...
CVE-2018-0292 A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Sof...
CVE-2018-0293 A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenti...
CVE-2018-0294 A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could all...
CVE-2018-0295 A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could al...
CVE-2018-0296 A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an u...
KEV E
CVE-2018-0297 A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an un...
CVE-2018-0298 A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow a...
CVE-2018-0299 A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco NX-OS on the Cisco...
CVE-2018-0300 A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepo...
CVE-2018-0301 A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote...
CVE-2018-0302 A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software ...
CVE-2018-0303 A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Sof...
CVE-2018-0304 A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa...
CVE-2018-0305 A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa...
CVE-2018-0306 A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attack...
CVE-2018-0307 A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to p...
CVE-2018-0308 A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa...
CVE-2018-0309 A vulnerability in the implementation of a specific CLI command and the associated Simple Network Ma...
CVE-2018-0310 A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa...
CVE-2018-0311 A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa...
CVE-2018-0312 A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Softwa...
CVE-2018-0313 A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote a...
CVE-2018-0314 A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS ...
CVE-2018-0315 A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisc...
CVE-2018-0316 A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Pho...
CVE-2018-0317 A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an ...
CVE-2018-0318 A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could...
CVE-2018-0319 A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) co...
CVE-2018-0320 A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allo...
CVE-2018-0321 A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remo...
CVE-2018-0322 A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) coul...
CVE-2018-0323 A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFV...
CVE-2018-0324 A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an au...
CVE-2018-0325 A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Pho...
CVE-2018-0326 A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, ...
CVE-2018-0327 A vulnerability in the web framework of Cisco Identity Services Engine (ISE) could allow an unauthen...
CVE-2018-0328 A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Prese...
CVE-2018-0329 A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) featur...
CVE-2018-0330 A vulnerability in the NX-API management application programming interface (API) in devices running,...
CVE-2018-0331 A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running...
CVE-2018-0332 A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified ...
CVE-2018-0333 A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow a...
CVE-2018-0334 A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager a...
CVE-2018-0335 A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning c...
CVE-2018-0336 A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could al...
CVE-2018-0337 A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an ...
CVE-2018-0338 A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS)...
CVE-2018-0339 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could ...
CVE-2018-0340 A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) softwa...
CVE-2018-0341 A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform...
CVE-2018-0342 A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow...
CVE-2018-0343 A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow...
CVE-2018-0344 A vulnerability in the vManage dashboard for the configuration and management service of the Cisco S...
CVE-2018-0345 A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allo...
CVE-2018-0346 A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an u...
CVE-2018-0347 A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could al...
CVE-2018-0348 A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacke...
CVE-2018-0349 A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwr...
CVE-2018-0350 A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authe...
CVE-2018-0351 A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an auth...
CVE-2018-0352 A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAA...
CVE-2018-0353 A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an...
CVE-2018-0354 A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remot...
CVE-2018-0355 A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an un...
CVE-2018-0356 A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker ...
CVE-2018-0357 A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker ...
CVE-2018-0358 A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VC...
CVE-2018-0359 A vulnerability in the session identification management functionality of the web-based management i...
CVE-2018-0360 ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangu...
CVE-2018-0361 ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to par...
CVE-2018-0362 A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute Sy...
CVE-2018-0363 A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & P...
CVE-2018-0364 A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager...
CVE-2018-0365 A vulnerability in the web-based management interface of Cisco Firepower Management Center could all...
CVE-2018-0366 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could al...
CVE-2018-0367 A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could...
CVE-2018-0368 A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, loc...
CVE-2018-0369 A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtu...
CVE-2018-0370 A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenti...
CVE-2018-0371 A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, rem...
CVE-2018-0372 A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-...
CVE-2018-0373 A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyC...
CVE-2018-0374 A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an un...
CVE-2018-0375 A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenti...
CVE-2018-0376 A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an u...
CVE-2018-0377 A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before...
CVE-2018-0378 Cisco NX-OS Software for Nexus 5500, 5600, and 6000 Series Switches Precision Time Protocol Denial of Service Vulnerability
CVE-2018-0379 Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Fo...
CVE-2018-0380 Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Fo...
CVE-2018-0381 Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability
CVE-2018-0382 Cisco Wireless LAN Controller Software Session Hijacking Vulnerability
CVE-2018-0383 A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenti...
CVE-2018-0384 A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenti...
CVE-2018-0385 A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for ...
CVE-2018-0386 A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticat...
CVE-2018-0387 A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote ...
CVE-2018-0388 Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability
CVE-2018-0389 Cisco Small Business SPA514G IP Phones SIP Denial of Service Vulnerability
CVE-2018-0390 A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker ...
CVE-2018-0391 A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allo...
CVE-2018-0392 A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to acc...
CVE-2018-0393 A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite c...
CVE-2018-0394 A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an auth...
CVE-2018-0395 Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
CVE-2018-0396 A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Ser...
CVE-2018-0397 A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 cou...
S
CVE-2018-0398 Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unaut...
CVE-2018-0399 Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unaut...
CVE-2018-0400 Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Expre...
CVE-2018-0401 Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Expre...
CVE-2018-0402 Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Expre...
CVE-2018-0403 Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Expre...
CVE-2018-0404 Cisco RV180W Wireless-N Multifunction VPN Router SQL Injection Vulnerability
CVE-2018-0405 Cisco RV180W Wireless-N Multifunction VPN Router Directory Path Traversal Vulnerability
CVE-2018-0406 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could al...
CVE-2018-0407 A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Man...
CVE-2018-0408 A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Man...
CVE-2018-0409 A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence ...
CVE-2018-0410 A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appl...
CVE-2018-0411 A vulnerability in the web-based management interface of Cisco Unified Communications Manager could ...
CVE-2018-0412 A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functio...
CVE-2018-0413 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could ...
CVE-2018-0414 Cisco Secure Access Control Server XML External Entity Injection Vulnerability
CVE-2018-0415 A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functio...
CVE-2018-0416 Cisco Wireless LAN Controller Software Information Disclosure Vulnerability
CVE-2018-0417 Cisco Wireless LAN Controller Software GUI Privilege Escalation Vulnerability
CVE-2018-0418 A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series A...
CVE-2018-0419 A vulnerability in certain attachment detection mechanisms of Cisco Email Security Appliances (ESA) ...
CVE-2018-0420 Cisco Wireless LAN Controller Software Directory Traversal Vulnerability
CVE-2018-0421 Cisco Prime Access Registrar Denial of Service Vulnerability
CVE-2018-0422 A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an ...
CVE-2018-0423 Cisco RV110W, RV130W, and RV215W Routers Management Interface Buffer Overflow Vulnerability
CVE-2018-0424 Cisco RV110W, RV130W, and RV215W Routers Management Interface Command Injection Vulnerability
CVE-2018-0425 Cisco RV110W, RV130W, and RV215W Routers Management Interface Information Disclosure Vulnerability
CVE-2018-0426 Cisco RV110W, RV130W, and RV215W Routers Management Interface Directory Traversal Vulnerability
CVE-2018-0427 A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center coul...
CVE-2018-0428 A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allo...
CVE-2018-0429 Stack-based buffer overflow in the Cisco Thor decoder before commit 18de8f9f0762c3a542b1122589edb8af...
S
CVE-2018-0430 Cisco Integrated Management Controller Command Injection Vulnerability
CVE-2018-0431 Cisco Integrated Management Controller Command Injection Vulnerability
CVE-2018-0432 Cisco SD-WAN Solution Privilege Escalation Vulnerability
CVE-2018-0433 Cisco SD-WAN Solution Command Injection Vulnerability
CVE-2018-0434 Cisco SD-WAN Solution Certificate Validation Vulnerability
CVE-2018-0435 Cisco Umbrella API Unauthorized Access Vulnerability
CVE-2018-0436 Cisco Webex Teams Information Disclosure and Modification Vulnerability
CVE-2018-0437 Cisco Umbrella Enterprise Roaming Client and Enterprise Roaming Module Privilege Escalation Vulnerability
E
CVE-2018-0438 Cisco Umbrella Enterprise Roaming Client Privilege Escalation Vulnerability
E
CVE-2018-0439 Cisco Meeting Server Cross-Site Request Forgery Vulnerability
CVE-2018-0440 Cisco Data Center Network Manager Privilege Escalation to Underlying Operating System Vulnerability
CVE-2018-0441 Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability
CVE-2018-0442 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability
CVE-2018-0443 Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability
CVE-2018-0444 Cisco Packaged Contact Center Enterprise Cross-Site Scripting Vulnerability
CVE-2018-0445 Cisco Packaged Contact Center Enterprise Cross-Site Request Forgery Vulnerability
CVE-2018-0446 Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability
CVE-2018-0447 Cisco Email Security Appliance URL Filtering Bypass Vulnerability
CVE-2018-0448 Cisco Digital Network Architecture Center Authentication Bypass Vulnerability
CVE-2018-0449 Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability
CVE-2018-0450 Cisco Data Center Network Manager Cross-Site Scripting Vulnerability
CVE-2018-0451 Cisco Tetration Analytics Cross-Site Request Forgery Vulnerability
CVE-2018-0452 Cisco Tetration Analytics Cross-Site Scripting Vulnerability
CVE-2018-0453 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability
CVE-2018-0454 Cisco Cloud Services Platform 2100 Command Injection Vulnerability
CVE-2018-0455 Cisco Firepower System Software Detection Engine Denial of Service Vulnerability
CVE-2018-0456 Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability
CVE-2018-0457 Cisco Webex Player WRF Files Denial of Service Vulnerability
CVE-2018-0458 Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability
CVE-2018-0459 Cisco Enterprise NFV Infrastructure Software Denial of Service Vulnerability
CVE-2018-0460 Cisco Enterprise NFV Infrastructure Software Information Disclosure Vulnerability
CVE-2018-0461 Cisco IP Phone 8800 Series Arbitrary Script Injection Vulnerability
CVE-2018-0462 Cisco Enterprise NFV Infrastructure Software Denial of Service Vulnerability
CVE-2018-0463 Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability
CVE-2018-0464 Cisco Data Center Network Manager Path Traversal Vulnerability
E
CVE-2018-0465 Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability
CVE-2018-0466 Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulnerability
CVE-2018-0467 Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability
CVE-2018-0468 A vulnerability in the configuration of a local database installed as part of the Cisco Energy Manag...
CVE-2018-0469 Cisco IOS XE Software Web UI Denial of Service Vulnerability
CVE-2018-0470 Cisco IOS XE Software HTTP Denial of Service Vulnerability
CVE-2018-0471 Cisco IOS XE Software Cisco Discovery Protocol Memory Leak Vulnerability
CVE-2018-0472 Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability
CVE-2018-0473 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability
CVE-2018-0474 Cisco Unified Communications Manager Digest Credentials Disclosure Vulnerability
CVE-2018-0475 Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
CVE-2018-0476 Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability
CVE-2018-0477 Cisco IOS XE Software Command Injection Vulnerabilities
CVE-2018-0480 Cisco IOS XE Software Errdisable Denial of Service Vulnerability
CVE-2018-0481 Cisco IOS XE Software Command Injection Vulnerabilities
CVE-2018-0482 Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability
CVE-2018-0483 Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability
CVE-2018-0484 Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability
CVE-2018-0485 Cisco IOS and IOS XE Software SM-1T3/E3 Service Module Denial of Service Vulnerability
CVE-2018-0486 Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows...
CVE-2018-0487 ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbit...
M
CVE-2018-0488 ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and C...
M
CVE-2018-0489 Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windo...
S
CVE-2018-0490 An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10...
CVE-2018-0491 A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to ...
E S
CVE-2018-0492 Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privileg...
E
CVE-2018-0493 remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sud...
CVE-2018-0494 GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http...
E S
CVE-2018-0495 Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA si...
E S
CVE-2018-0496 Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink S...
S
CVE-2018-0497 ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve parti...
M
CVE-2018-0498 ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial pl...
M
CVE-2018-0499 A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core ...
S
CVE-2018-0500 Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buff...
E S
CVE-2018-0501 The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x befo...
S
CVE-2018-0502 An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potenti...
S
CVE-2018-0503 $wgRateLimits entry for 'user' overrides 'newbie'
S
CVE-2018-0504 Information disclosure in Special:Redirect/logid
S
CVE-2018-0505 BotPasswords can bypass CentralAuth's account lock
E S
CVE-2018-0506 Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified ve...
CVE-2018-0507 Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and e...
CVE-2018-0508 Cross-site scripting vulnerability in epg search result viewer (kkcald) 0.7.21 and earlier allows an...
CVE-2018-0509 Cross-site request forgery (CSRF) vulnerability in epg search result viewer (kkcald) 0.7.21 and earl...
CVE-2018-0510 Buffer overflow in epg search result viewer (kkcald) 0.7.19 and earlier allows remote attackers to p...
CVE-2018-0511 Cross-site scripting vulnerability in WP Retina 2x prior to version 5.2.2 allows an attacker to inje...
S
CVE-2018-0512 Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authent...
CVE-2018-0513 Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple Booking Business version 1.28...
S
CVE-2018-0514 MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitra...
CVE-2018-0515 Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" version 1.5.2.6 and earlier allo...
CVE-2018-0516 Untrusted search path vulnerability in FLET'S v4 / v6 address selection tool allows an attacker to g...
CVE-2018-0517 Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and earlier...
CVE-2018-0518 LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allow...
CVE-2018-0519 Cross-site scripting vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacke...
M
CVE-2018-0520 Cross-site request forgery (CSRF) vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allo...
M
CVE-2018-0521 Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and e...
CVE-2018-0522 Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute ...
CVE-2018-0523 Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS comman...
CVE-2018-0524 Jubatus 1.0.2 and earlier allows remote code execution via unspecified vectors....
CVE-2018-0525 Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows remote attackers to read arbit...
CVE-2018-0526 Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external ser...
CVE-2018-0527 Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inje...
CVE-2018-0528 Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the s...
CVE-2018-0529 Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified ...
CVE-2018-0530 SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attacker...
CVE-2018-0531 Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to v...
CVE-2018-0532 Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to a...
CVE-2018-0533 Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to a...
CVE-2018-0534 Cross-site scripting vulnerability in ArsenoL Version 0.5 allows an attacker to inject arbitrary web...
CVE-2018-0535 Cross-site scripting vulnerability in PHP 2chBBS version bbs18c allows an attacker to inject arbitra...
CVE-2018-0536 Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web...
CVE-2018-0537 Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web...
CVE-2018-0538 Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web...
CVE-2018-0539 QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors....
CVE-2018-0540 Untrusted search path vulnerability in ViX version 2.21.148.0 allows an attacker to gain privileges ...
CVE-2018-0541 Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service (DoS) co...
CVE-2018-0542 Directory traversal vulnerability in WebProxy version 1.7.8 allows an attacker to read arbitrary fil...
CVE-2018-0543 Untrusted search path vulnerability in Jtrim 1.53c and earlier (Installer) allows an attacker to gai...
CVE-2018-0544 Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to g...
CVE-2018-0545 LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified ...
M
CVE-2018-0546 Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allo...
CVE-2018-0547 Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allo...
CVE-2018-0548 Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to v...
CVE-2018-0549 Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attac...
CVE-2018-0550 Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to v...
CVE-2018-0551 Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attac...
CVE-2018-0552 Untrusted search path vulnerability in The installer of PhishWall Client Firefox and Chrome edition ...
CVE-2018-0553 The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from S...
CVE-2018-0554 Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute ar...
CVE-2018-0555 Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary...
CVE-2018-0556 Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via un...
CVE-2018-0557 Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers ...
CVE-2018-0558 Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attacke...
CVE-2018-0559 Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inje...
CVE-2018-0560 Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via...
CVE-2018-0561 Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition V...
CVE-2018-0562 Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an ...
CVE-2018-0563 Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application ...
CVE-2018-0564 Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0....
CVE-2018-0565 Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inje...
CVE-2018-0566 Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the...
CVE-2018-0567 Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass access restriction to access...
CVE-2018-0568 Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows rem...
CVE-2018-0569 baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote...
CVE-2018-0570 Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0....
CVE-2018-0571 baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote...
CVE-2018-0572 baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote...
CVE-2018-0573 baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote...
CVE-2018-0574 Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0....
CVE-2018-0575 baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote...
CVE-2018-0576 Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allow...
CVE-2018-0577 Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allo...
CVE-2018-0578 Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allo...
CVE-2018-0579 Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin ...
CVE-2018-0580 Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Window...
CVE-2018-0581 Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allow...
CVE-2018-0582 Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allow...
CVE-2018-0583 Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 al...
CVE-2018-0584 IIJ SmartKey App for Android version 2.1.0 and earlier allows remote attackers to bypass authenticat...
CVE-2018-0585 Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress al...
CVE-2018-0586 Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to vers...
CVE-2018-0587 Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPres...
CVE-2018-0588 Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2....
CVE-2018-0589 Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to...
CVE-2018-0590 Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to...
CVE-2018-0591 The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify ...
CVE-2018-0592 Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via ...
CVE-2018-0593 Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gai...
CVE-2018-0594 Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a...
CVE-2018-0595 Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain...
CVE-2018-0596 Untrusted search path vulnerability in the installer of Visual Studio Community allows an attacker t...
CVE-2018-0597 Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gai...
CVE-2018-0598 Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled wit...
CVE-2018-0599 Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacke...
S
CVE-2018-0600 Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and...
CVE-2018-0601 Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Tr...
CVE-2018-0602 Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows...
CVE-2018-0603 Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers ...
CVE-2018-0604 Pixelpost v1.7.3 and earlier allows remote code execution via unspecified vectors....
CVE-2018-0605 Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject...
CVE-2018-0606 SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows remote authenticated attacker...
CVE-2018-0607 SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 all...
CVE-2018-0608 Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code o...
CVE-2018-0609 Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to ...
S
CVE-2018-0610 Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an a...
CVE-2018-0611 The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, ...
CVE-2018-0612 Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to ...
CVE-2018-0613 NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 ...
CVE-2018-0614 Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.372...
CVE-2018-0617 Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to ...
CVE-2018-0618 Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attacke...
CVE-2018-0619 Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5...
CVE-2018-0620 Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an att...
CVE-2018-0621 Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 a...
CVE-2018-0622 The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates fro...
CVE-2018-0623 Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver...
CVE-2018-0624 Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver...
CVE-2018-0625 Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute a...
CVE-2018-0626 Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute a...
CVE-2018-0627 Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute a...
CVE-2018-0628 Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute a...
CVE-2018-0629 Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS ...
CVE-2018-0630 Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS ...
CVE-2018-0631 Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS ...
CVE-2018-0632 Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to ex...
CVE-2018-0633 Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to ex...
CVE-2018-0634 Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS...
CVE-2018-0635 Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS...
CVE-2018-0636 Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS...
CVE-2018-0637 Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS...
CVE-2018-0638 Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS...
CVE-2018-0639 Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS...
CVE-2018-0640 Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to e...
CVE-2018-0641 Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to e...
CVE-2018-0642 Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attack...
CVE-2018-0643 Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and ear...
CVE-2018-0644 Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-client2) 1:1.4....
CVE-2018-0645 MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors....
CVE-2018-0646 Directory traversal vulnerability in Explzh v.7.58 and earlier allows an attacker to read arbitrary ...
CVE-2018-0647 Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allo...
CVE-2018-0648 Untrusted search path vulnerability in installer of ChatWork Desktop App for Windows 2.3.0 and earli...
CVE-2018-0649 Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software p...
M
CVE-2018-0650 The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 does not verify X.509 certificat...
CVE-2018-0651 Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.1...
CVE-2018-0652 Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attacke...
CVE-2018-0653 Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject a...
CVE-2018-0654 Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject a...
CVE-2018-0655 Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attacke...
CVE-2018-0656 Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and ea...
CVE-2018-0657 Cross-site scripting vulnerability in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Pay...
CVE-2018-0658 Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment ...
CVE-2018-0659 Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an a...
CVE-2018-0660 Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an a...
CVE-2018-0661 Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmwar...
CVE-2018-0662 Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmwar...
CVE-2018-0663 Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmwar...
CVE-2018-0664 A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environmen...
CVE-2018-0665 Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and earlier, NVR500 Rev.11.00.36 and...
CVE-2018-0666 Yamaha routers RT57i Rev.8.00.95 and earlier, RT58i Rev.9.01.51 and earlier, NVR500 Rev.11.00.36 and...
CVE-2018-0667 Untrusted search path vulnerability in Installer of INplc SDK Express 3.08 and earlier and Installer...
CVE-2018-0668 Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service (DoS...
CVE-2018-0669 INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary c...
CVE-2018-0670 INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary c...
CVE-2018-0671 Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows an attacker with administrato...
CVE-2018-0672 Cross-site scripting vulnerability in Movable Type versions prior to Ver. 6.3.1 allows remote attack...
CVE-2018-0673 Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to ...
CVE-2018-0674 AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors....
CVE-2018-0675 AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors....
CVE-2018-0676 BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypas...
CVE-2018-0677 BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same n...
CVE-2018-0678 Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same netwo...
CVE-2018-0679 Cross-site scripting vulnerability in multiple FXC Inc. network devices (Managed Ethernet switch FXC...
M
CVE-2018-0680 Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 a...
CVE-2018-0681 Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 a...
CVE-2018-0682 Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 a...
CVE-2018-0683 Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP v...
CVE-2018-0684 Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP v...
CVE-2018-0685 SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authentic...
CVE-2018-0686 Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 a...
CVE-2018-0687 Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and ear...
CVE-2018-0688 Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released...
CVE-2018-0689 HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions ...
CVE-2018-0690 An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could...
CVE-2018-0691 Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message...
S
CVE-2018-0692 Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an at...
CVE-2018-0693 Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an a...
S
CVE-2018-0694 FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified ve...
S
CVE-2018-0695 Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and earlier allows remo...
CVE-2018-0696 OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote a...
CVE-2018-0697 Cross-site scripting vulnerability in Metabase version 0.29.3 and earlier allows remote attackers to...
CVE-2018-0698 Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows remote attackers to inject arb...
M
CVE-2018-0699 Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier allows remote attackers to inject a...
CVE-2018-0700 YukiWiki 2.1.3 and earlier does not process a particular request properly that may allow consumption...
CVE-2018-0701 BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for...
CVE-2018-0702 Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 allows remote attackers to delet...
CVE-2018-0703 Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delet...
CVE-2018-0704 Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delet...
CVE-2018-0705 Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arb...
CVE-2018-0706 Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier coul...
E
CVE-2018-0707 Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.10...
E
CVE-2018-0708 Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 an...
E
CVE-2018-0709 Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earl...
E
CVE-2018-0710 Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earli...
E
CVE-2018-0711 Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build 20180126, QTS 4.3.4 build 20180315,...
CVE-2018-0712 Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 201...
CVE-2018-0714 Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 2018...
CVE-2018-0715 Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remo...
E
CVE-2018-0716 Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS ...
CVE-2018-0718 Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4....
CVE-2018-0719 Security Advisory for Vulnerabilities in QTS
CVE-2018-0721 Security Advisory for Vulnerabilities in QTS
CVE-2018-0722 Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and ea...
CVE-2018-0723 Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions...
S
CVE-2018-0724 Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions...
S
CVE-2018-0728 This improper access control vulnerability in Helpdesk allows attackers to access the system logs. T...
CVE-2018-0729 This command injection vulnerability in Music Station allows attackers to execute commands on the af...
CVE-2018-0730 This command injection vulnerability in File Station allows attackers to execute commands on the aff...
CVE-2018-0731 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2018-0732 Client DoS due to large DH parameter
S
CVE-2018-0733 Incorrect CRYPTO_memcmp on HP-UX PA-RISC
CVE-2018-0734 Timing attack against DSA
S
CVE-2018-0735 Timing attack against ECDSA signature generation
S
CVE-2018-0736 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2018-0737 Cache timing vulnerability in RSA Key Generation
CVE-2018-0738 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2018-0739 Constructed ASN.1 types with a recursive definition could exceed the stack
S
CVE-2018-0740 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2018-0741 The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allo...
S
CVE-2018-0742 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
S
CVE-2018-0743 Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server,...
E S
CVE-2018-0744 The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 160...
E
CVE-2018-0745 The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version ...
E
CVE-2018-0746 The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 160...
E
CVE-2018-0747 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
CVE-2018-0748 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
E S
CVE-2018-0749 The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Se...
E S
CVE-2018-0750 The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an informat...
CVE-2018-0751 The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511,...
E
CVE-2018-0752 The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511,...
E S
CVE-2018-0753 Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Wind...
CVE-2018-0754 The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Win...
S
CVE-2018-0755 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Ser...
S
CVE-2018-0756 The Windows kernel in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Se...
S
CVE-2018-0757 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
S
CVE-2018-0758 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke...
E S
CVE-2018-0760 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1, Windows Server...
S
CVE-2018-0761 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Ser...
S
CVE-2018-0762 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Window...
S
CVE-2018-0763 Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge ...
S
CVE-2018-0764 Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 ...
S
CVE-2018-0765 A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, a...
S
CVE-2018-0766 Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows ...
S
CVE-2018-0767 Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an att...
E S
CVE-2018-0768 Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the...
S
CVE-2018-0769 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke...
E S
CVE-2018-0770 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke...
E S
CVE-2018-0771 Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature...
S
CVE-2018-0772 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Window...
S
CVE-2018-0773 Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the...
S
CVE-2018-0774 Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the...
E S
CVE-2018-0775 Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the...
E S
CVE-2018-0776 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke...
E S
CVE-2018-0777 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke...
E S
CVE-2018-0778 Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the...
S
CVE-2018-0780 Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows ...
E S
CVE-2018-0781 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke...
S
CVE-2018-0784 ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core...
S
CVE-2018-0785 ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET C...
S
CVE-2018-0786 Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Co...
S
CVE-2018-0787 ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applicat...
S
CVE-2018-0788 The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Win...
S
CVE-2018-0789 Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Serv...
S
CVE-2018-0790 Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Serv...
S
CVE-2018-0791 Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 a...
S
CVE-2018-0792 Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the...
S
CVE-2018-0793 Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execut...
S
CVE-2018-0794 Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft...
S
CVE-2018-0795 Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code executio...
S
CVE-2018-0796 Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof...
S
CVE-2018-0797 Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code executio...
S
CVE-2018-0798 Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof...
KEV S
CVE-2018-0799 Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise ...
S
CVE-2018-0800 Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further comp...
S
CVE-2018-0801 Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof...
S
CVE-2018-0802 Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof...
KEV E S
CVE-2018-0803 Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows ...
S
CVE-2018-0804 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0805 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0806 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0807 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0808 ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web ...
S
CVE-2018-0809 The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an...
S
CVE-2018-0810 The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows ...
S
CVE-2018-0811 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0812 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0813 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0814 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0815 The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Wind...
S
CVE-2018-0816 The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows...
S
CVE-2018-0817 The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows...
S
CVE-2018-0818 Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with anoth...
CVE-2018-0819 Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a u...
S
CVE-2018-0820 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
S
CVE-2018-0821 AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, ...
E S
CVE-2018-0822 NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version ...
E S
CVE-2018-0823 The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an ele...
E S
CVE-2018-0824 A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properl...
KEV E S
CVE-2018-0825 StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Window...
S
CVE-2018-0826 Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and W...
E S
CVE-2018-0827 Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 a...
S
CVE-2018-0828 Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to...
S
CVE-2018-0829 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
S
CVE-2018-0830 The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Win...
S
CVE-2018-0831 The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Serve...
S
CVE-2018-0832 The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1...
E S
CVE-2018-0833 The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Wi...
E S
CVE-2018-0834 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
E
CVE-2018-0835 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
E S
CVE-2018-0836 Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, du...
S
CVE-2018-0837 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
E S
CVE-2018-0838 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
E S
CVE-2018-0839 Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles o...
S
CVE-2018-0840 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT...
E S
CVE-2018-0841 Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects a...
S
CVE-2018-0842 Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R...
S
CVE-2018-0843 The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information...
S
CVE-2018-0844 The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S...
S
CVE-2018-0845 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0846 The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows S...
S
CVE-2018-0847 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT...
S
CVE-2018-0848 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0849 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0850 Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and ...
S
CVE-2018-0851 Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office...
S
CVE-2018-0852 Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Micro...
S
CVE-2018-0853 Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsof...
S
CVE-2018-0854 A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attack...
S
CVE-2018-0855 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Ser...
S
CVE-2018-0856 Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, du...
S
CVE-2018-0857 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
S
CVE-2018-0858 ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects ...
CVE-2018-0859 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
E
CVE-2018-0860 Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
E S
CVE-2018-0861 Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execut...
S
CVE-2018-0862 Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of...
S
CVE-2018-0864 SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure...
S
CVE-2018-0866 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Window...
E S
CVE-2018-0868 Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT...
S
CVE-2018-0869 SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are ha...
S
CVE-2018-0870 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-0871 An information disclosure vulnerability exists when Edge improperly marks files, aka "Microsoft Edge...
S
CVE-2018-0872 ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
S
CVE-2018-0873 ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 201...
S
CVE-2018-0874 ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv...
S
CVE-2018-0875 .NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulne...
S
CVE-2018-0876 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote cod...
S
CVE-2018-0877 The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, and 1709, Windows Server 2016...
E S
CVE-2018-0878 Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8....
E S
CVE-2018-0879 Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in ...
S
CVE-2018-0880 The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, versi...
E S
CVE-2018-0881 The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and ...
S
CVE-2018-0882 The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, versi...
E S
CVE-2018-0883 Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1...
S
CVE-2018-0884 Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and ...
S
CVE-2018-0885 The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 ...
S
CVE-2018-0886 The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and...
E S
CVE-2018-0887 An information disclosure vulnerability exists when the Windows kernel fails to properly initialize ...
S
CVE-2018-0888 The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 ...
S
CVE-2018-0889 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote cod...
S
CVE-2018-0890 A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Iso...
S
CVE-2018-0891 ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Window...
E S
CVE-2018-0892 An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in mem...
S
CVE-2018-0893 Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote cod...
S
CVE-2018-0894 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
E S
CVE-2018-0895 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
E S
CVE-2018-0896 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0897 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
E S
CVE-2018-0898 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0899 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0900 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0901 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
E S
CVE-2018-0902 The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, ...
S
CVE-2018-0903 Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 20...
S
CVE-2018-0904 The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, W...
S
CVE-2018-0907 Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, ...
S
CVE-2018-0908 Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not ...
S
CVE-2018-0909 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0910 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0911 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0912 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0913 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0914 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0915 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0916 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation...
S
CVE-2018-0917 Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due ho...
S
CVE-2018-0919 Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2...
S
CVE-2018-0920 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to ...
S
CVE-2018-0921 Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due ho...
S
CVE-2018-0922 Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2...
S
CVE-2018-0923 Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due ho...
S
CVE-2018-0924 Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumul...
S
CVE-2018-0925 ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects ...
S
CVE-2018-0926 The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and R...
S
CVE-2018-0927 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT...
S
CVE-2018-0929 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Wi...
S
CVE-2018-0930 ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how ...
S
CVE-2018-0931 ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows rem...
S
CVE-2018-0932 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT...
S
CVE-2018-0933 ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows rem...
E S
CVE-2018-0934 ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows rem...
E S
CVE-2018-0935 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Window...
E S
CVE-2018-0936 ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scriptin...
S
CVE-2018-0937 ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra...
S
CVE-2018-0939 ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how t...
S
CVE-2018-0940 Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update ...
S
CVE-2018-0941 Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Exchange Server 2016 Cumulative Upd...
S
CVE-2018-0942 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Wi...
S
CVE-2018-0943 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-0944 Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevatio...
S
CVE-2018-0945 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-0946 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
E S
CVE-2018-0947 Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an el...
S
CVE-2018-0949 A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles r...
S
CVE-2018-0950 An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email mess...
S
CVE-2018-0951 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-0952 An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file c...
E S
CVE-2018-0953 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
E S
CVE-2018-0954 A remote code execution vulnerability exists in the way the scripting engine handles objects in memo...
S
CVE-2018-0955 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-0956 A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys imp...
S
CVE-2018-0957 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails...
S
CVE-2018-0958 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass De...
S
CVE-2018-0959 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly...
S
CVE-2018-0960 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in...
S
CVE-2018-0961 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly...
S
CVE-2018-0963 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in...
S
CVE-2018-0964 An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails...
S
CVE-2018-0965 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly...
S
CVE-2018-0966 A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Dev...
E S
CVE-2018-0967 A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP...
S
CVE-2018-0968 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0969 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0970 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0971 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0972 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0973 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0974 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0975 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to...
E S
CVE-2018-0976 A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects ...
S
CVE-2018-0977 The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 a...
S
CVE-2018-0978 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-0979 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-0980 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
E S
CVE-2018-0981 An information disclosure vulnerability exists in the way that the scripting engine handles objects ...
S
CVE-2018-0982 An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permi...
E S
CVE-2018-0983 Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and W...
S
CVE-2018-0986 A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not p...
E S
CVE-2018-0987 An information disclosure vulnerability exists when the scripting engine does not properly handle ob...
S
CVE-2018-0988 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-0989 An information disclosure vulnerability exists in the way that the scripting engine handles objects ...
S
CVE-2018-0990 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-0991 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-0993 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-0994 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-0995 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles obj...
S
CVE-2018-0996 A remote code execution vulnerability exists in the way that the scripting engine handles objects in...
S
CVE-2018-0997 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in m...
S
CVE-2018-0998 An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles obj...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.