2018 CVE Vulnerabilities
17,817 CVEs published in 2018.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2018-25437 | HIGH | 8.7 | 0.3% | Jun 15, 2026 | WordPress CherryFramework Themes 3.1.4 contains an information disclosure vulnerability that allows unauthenticated atta... |
| CVE-2018-25436 | CRITICAL | 9.3 | 0.7% | Jun 15, 2026 | WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows... |
| CVE-2018-25435 | MEDIUM | 6.9 | 0.2% | Jun 1, 2026 | ZeusCart 4.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions o... |
| CVE-2018-25434 | HIGH | 8.8 | 0.3% | Jun 1, 2026 | WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25433 | HIGH | 8.8 | 0.3% | Jun 1, 2026 | Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to e... |
| CVE-2018-25432 | HIGH | 8.6 | 0.2% | Jun 1, 2026 | Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwri... |
| CVE-2018-25431 | HIGH | 7.1 | 0.3% | Jun 1, 2026 | No-Cms 1.0 contains an SQL injection vulnerability in the order_by parameter of the manage_privilege export endpoint tha... |
| CVE-2018-25430 | HIGH | 7.1 | 0.3% | Jun 1, 2026 | Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL que... |
| CVE-2018-25429 | HIGH | 7.1 | 0.3% | Jun 1, 2026 | Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL que... |
| CVE-2018-25428 | HIGH | 8.8 | 0.3% | Jun 1, 2026 | Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL q... |
| CVE-2018-25427 | CRITICAL | 9.3 | 0.9% | Jun 1, 2026 | Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary co... |
| CVE-2018-25426 | HIGH | 8.7 | 0.5% | May 30, 2026 | WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malfo... |
| CVE-2018-25425 | HIGH | 8.8 | 0.3% | May 30, 2026 | Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL que... |
| CVE-2018-25424 | HIGH | 8.8 | 0.3% | May 30, 2026 | Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass ... |
| CVE-2018-25423 | MEDIUM | 6.9 | 0.1% | May 30, 2026 | Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplyin... |
| CVE-2018-25422 | HIGH | 8.8 | 0.3% | May 30, 2026 | MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbit... |
| CVE-2018-25421 | HIGH | 7.1 | 0.3% | May 30, 2026 | Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files... |
| CVE-2018-25420 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25419 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25418 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25417 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25416 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25415 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25414 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
| CVE-2018-25413 | HIGH | 8.8 | 0.3% | May 30, 2026 | AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary S... |
Check if your code is affected by 2018 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now