Skip to main content
CVE-2018-3566 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overwrite may occur in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Linux Google Mozilla Qualcomm +1
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-3563 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference RCE Denial Of Service Linux Google +3
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-4175 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-4170 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-4160 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Information Disclosure Apple +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2018-4150 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Iphone Os +3
NVD
CVSS 3.0
7.8
EPSS
4.7%
CVE-2018-4144 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Buffer Overflow Apple Iphone Os +5
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2018-4143 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Iphone Os +3
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2018-4136 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Information Disclosure Apple +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2018-4135 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-4132 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Intel Apple +1
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-4131 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Iphone Os Mac Os X
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2018-4109 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Apple Tv +2
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-4098 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-4097 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Mac Os X
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-4094 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Apple Tv +3
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-4082 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Apple Apple Tv +3
NVD
CVSS 3.0
7.8
EPSS
1.4%
CVE-2018-9240 HIGH This Week

ncmpc through 0.29 is prone to a NULL pointer dereference flaw. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Ncmpc Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2018-8779 HIGH PATCH This Week

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ruby Ubuntu Linux Debian Linux
NVD
CVSS 3.0
7.5
EPSS
7.2%
CVE-2018-8778 HIGH PATCH This Week

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ruby Ubuntu Linux Debian Linux Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
7.8%
CVE-2018-8777 HIGH PATCH This Week

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Ruby Debian Linux Ubuntu Linux Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
4.6%
CVE-2018-8049 HIGH This Week

The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 3.0.1999, 3.1.x, 3.2.x before 3.2.030, and 3.3.x before 3.3.016, when running on Linux and AIX, allows remote attackers to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stealth Svg
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2018-6914 HIGH PATCH This Week

Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Ruby Ubuntu Linux Debian Linux Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
10.6%
CVE-2018-3598 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, insufficient validation of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Linux Information Disclosure Google Mozilla Qualcomm +1
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2018-3584 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Linux Google Mozilla +3
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2018-4142 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Iphone Os Mac Os X Tvos +1
NVD
CVSS 3.0
7.5
EPSS
2.9%
CVE-2018-4140 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Apple Iphone Os
NVD
CVSS 3.0
7.5
EPSS
3.3%
CVE-2018-4137 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari Iphone Os
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-4100 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Iphone Os Mac Os X Watchos
NVD
CVSS 3.0
7.5
EPSS
2.9%
CVE-2018-5822 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, compromised WLAN FW can potentially. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Linux Google Mozilla Qualcomm +1
NVD
CVSS 3.0
7.3
EPSS
0.4%
CVE-2018-5821 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in function. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Linux Google Mozilla +2
NVD
CVSS 3.0
7.3
EPSS
0.3%
CVE-2018-5820 HIGH This Week

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Linux Google Mozilla +2
NVD
CVSS 3.0
7.3
EPSS
0.4%
CVE-2018-0493 HIGH This Week

remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Buffer Overflow Remctl Debian Linux
NVD
CVSS 3.0
7.2
EPSS
2.5%
CVE-2018-4167 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X +2
NVD
CVSS 3.0
7.0
EPSS
1.2%
CVE-2018-4166 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X +2
NVD
CVSS 3.0
7.0
EPSS
1.2%
CVE-2018-4158 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X +1
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2018-4157 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X +2
NVD
CVSS 3.0
7.0
EPSS
1.2%
CVE-2018-4156 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X
NVD
CVSS 3.0
7.0
EPSS
1.2%
CVE-2018-4155 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X +2
NVD
CVSS 3.0
7.0
EPSS
1.2%
CVE-2018-4154 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X
NVD
CVSS 3.0
7.0
EPSS
1.2%
CVE-2018-4152 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Mac Os X
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2018-4151 HIGH This Week

An issue was discovered in certain Apple products. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition RCE Apple Iphone Os Mac Os X
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2018-4146 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Buffer Overflow Apple Safari +7
NVD
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-4117 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Apple Safari Iphone Os +9
NVD
CVSS 3.0
6.5
EPSS
3.1%
CVE-2018-4116 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari
NVD
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-4113 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Apple Safari Iphone Os +6
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-4107 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X
NVD
CVSS 3.0
6.5
EPSS
2.1%
CVE-2018-4102 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-4133 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari Ubuntu Linux Webkitgtk
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-5826 MEDIUM This Month

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, due to a race condition, a Use After. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Denial Of Service Linux Race Condition Mozilla +2
NVD
CVSS 3.0
5.9
EPSS
0.3%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy