Strix
26.1K

2018 CVE Vulnerabilities

17,817 CVEs published in 2018.

CRITICAL468

2.6%

HIGH1,372

7.7%

MEDIUM1,127

6.3%

LOW35

0.2%

UNKNOWN14,815

83.2%

Filter:MEDIUMClear
CVE IDSeverityCVSSDescription
CVE-2018-25435MEDIUM6.9ZeusCart 4.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions o...
CVE-2018-25423MEDIUM6.9Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplyin...
CVE-2018-25397MEDIUM6.9PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administra...
CVE-2018-25387MEDIUM6.9HaPe PKH 1.1 contains a cross-site request forgery vulnerability that allows attackers to change administrator passwords...
CVE-2018-25384MEDIUM5.1Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious sc...
CVE-2018-25378MEDIUM6.9Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supp...
CVE-2018-25370MEDIUM6.9Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their perm...
CVE-2018-25369MEDIUM6.9Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to cras...
CVE-2018-25367MEDIUM6.9NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by sup...
CVE-2018-25363MEDIUM5.3Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to del...
CVE-2018-25354MEDIUM5.3Joomla Component jomres 9.11.2 contains a cross-site request forgery vulnerability that allows attackers to modify user ...
CVE-2018-25349MEDIUM5.1userSpice 4.3.24 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through...
CVE-2018-25343MEDIUM5.3Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by trickin...
CVE-2018-25337MEDIUM5.3Joomla JoomOCShop 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized ...
CVE-2018-25336MEDIUM6.9jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user acco...
CVE-2018-25334MEDIUM5.3Zechat 1.5 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to change a user's informa...
CVE-2018-25331MEDIUM5.1Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to i...
CVE-2018-25327MEDIUM6.9Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform sta...
CVE-2018-25324MEDIUM6.9Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticat...
CVE-2018-25321MEDIUM5.3TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform u...
CVE-2018-25313MEDIUM6.9SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers ...
CVE-2018-25310MEDIUM5.3VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows au...
CVE-2018-25309MEDIUM5.1MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malici...
CVE-2018-25306MEDIUM6.9PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by process...
CVE-2018-25305MEDIUM6.9librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service b...

Check if your code is affected by 2018 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now