LiveActive security incident?Get immediate response
CVE archive

April 2018

Browse CVE records published in April 2018, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 1687 matching CVEs · Page 1 of 34.

High · CVSS 7.5

CVE-2018-16561: A vulnerability has been identified in SIMATIC S7-300 CPUs (All versions < V3.X.16).

A vulnerability has been identified in SIMATIC S7-300 CPUs (All versions < V3.X.16). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart. Successful exploitation requires an attacker to be able to send a specially crafted S7 communication packet to a communication interface of the CPU. This includes Ethernet, PROFIBUS, and Multi Point Interfaces (MPI). No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the core functionality of the CPU, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue.

Published Apr 17, 2019 · Updated Jun 2, 2026

High · CVSS 8.6

CVE-2018-25265: LanSpy 2.0.1.159 Local Buffer Overflow

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode, triggering code execution through SEH chain manipulation and controlled jumps.

Published Apr 22, 2026 · Updated May 14, 2026

High · CVSS 8.6

CVE-2018-25260: MAGIX Music Editor 3.1 Buffer Overflow via SEH

MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted.

Published Apr 22, 2026 · Updated May 14, 2026

Critical · CVSS 9.8

CVE-2018-25237: Hirschmann HiSecOS Buffer Overflow via HTTPS Login

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution.

Published Apr 3, 2026 · Updated May 14, 2026

Critical · CVSS 9.8

CVE-2018-25236: Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Management

Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests. Attackers can exploit improper authentication handling to obtain the authentication status and privileges of a previously authenticated user without providing valid credentials.

Published Apr 3, 2026 · Updated May 14, 2026

High · CVSS 8.6

CVE-2018-25301: Easy MPEG to DVD Burner 1.7.11 SEH Local Buffer Overflow

Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode that overwrites the SEH handler to redirect execution and run arbitrary commands like opening calc.exe.

Published Apr 29, 2026 · Updated May 4, 2026

High · CVSS 8.6

CVE-2018-25307: SysGauge Pro 4.6.12 Local Buffer Overflow SEH

SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute arbitrary code with application privileges.

Published Apr 29, 2026 · Updated May 1, 2026

Medium · CVSS 6.9

CVE-2018-25313: SysGauge 4.5.18 Local Denial of Service via Proxy Configuration

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the application.

Published Apr 29, 2026 · Updated May 1, 2026

High · CVSS 8.8

CVE-2018-25300: XATABoost CMS 1.0.0 SQL Injection via news.php

XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers can send GET requests to news.php with malicious id values to extract sensitive database information.

Published Apr 29, 2026 · Updated Apr 30, 2026

Medium · CVSS 6.9

CVE-2018-25306: PDFunite 0.41.0 Buffer Overflow via Malformed PDF

PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF file to the pdfunite utility.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 7.1

CVE-2018-25312: LifeSize ClearSea 3.1.4 Directory Traversal Remote Code Execution

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to arbitrary locations on the system, enabling remote code execution.

Published Apr 29, 2026 · Updated Apr 30, 2026

Critical · CVSS 9.8

CVE-2018-25318: Tenda FH303/A300 V5.07.68_EN Cookie Session Weakness DNS Change

Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS servers and redirect user traffic to malicious sites.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 7.1

CVE-2018-25311: VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal 2.10 (X-Prototype-Version: 1.6.0.2)

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, download_xml.pl, download.pl, downloadmib.pl, or downloadFile.pl with directory traversal payloads to read sensitive system files like /etc/passwd.

Published Apr 29, 2026 · Updated Apr 30, 2026

Critical · CVSS 9.8

CVE-2018-25317: Tenda W3002R/A302/W309R V5.07.64_en Cookie Session Weakness DNS Change

Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers.

Published Apr 29, 2026 · Updated Apr 30, 2026

Medium · CVSS 6.9

CVE-2018-25305: librsvg2-bin 2.40.13 Buffer Overflow via Malformed SVG

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.6

CVE-2018-25299: Prime95 29.4b8 Local Buffer Overflow via SEH

Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malicious payload through the optional proxy hostname field in the PrimeNet connection settings to trigger the overflow and execute system commands.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.6

CVE-2018-25315: Alloksoft Video joiner 4.6.1217 Buffer Overflow via License Name

Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 7.2

CVE-2018-25309: MyBB Recent threads 17.0 Persistent Cross-Site Scripting

MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can create threads with script tags in the subject parameter to execute arbitrary JavaScript in the browsers of all users viewing the index page.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.6

CVE-2018-25303: Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH

Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input string with 780 bytes of junk data followed by SEH chain pointers and shellcode, then paste it into the License Name field during registration to achieve code execution.

Published Apr 29, 2026 · Updated Apr 30, 2026

Medium · CVSS 6.9

CVE-2018-25298: Merge PACS 7.0 Cross-Site Request Forgery via merge-viewer

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hijack user sessions and gain unauthorized access to the PACS system.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.6

CVE-2018-25304: Free Download Manager 2.0 Built 417 Local Buffer Overflow SEH

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites the SEH chain and executes arbitrary code.

Published Apr 29, 2026 · Updated Apr 30, 2026

Critical · CVSS 9.8

CVE-2018-25316: Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change

Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS servers and redirect user traffic to malicious sites.

Published Apr 29, 2026 · Updated Apr 30, 2026

Medium · CVSS 5.3

CVE-2018-25310: VideoFlow Digital Video Protection DVP 10 Authenticated Remote Code Execution

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can leverage the CSRF vulnerability to inject and execute system commands through the Tools > System > Shell interface, gaining root-level access to the device.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.6

CVE-2018-25314: Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 Buffer Overflow

Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious input containing shellcode with structured exception handler (SEH) overwrite to bypass protections and execute code with application privileges.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.8

CVE-2018-25308: BuddyPress Xprofile Custom Fields Type 2.6.3 Remote Code Execution

BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attackers can modify the field_hiddenfile and field_deleteimg parameters during profile editing to unlink files from the server.

Published Apr 29, 2026 · Updated Apr 30, 2026

High · CVSS 8.5

CVE-2018-25302: Allok AVI to DVD SVCD VCD Converter 4.0.1217 Buffer Overflow SEH

Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with junk data, NSEH bypass, SEH handler address, and shellcode that triggers the overflow when pasted into the License Name field and the Register button is clicked, resulting in code execution.

Published Apr 29, 2026 · Updated Apr 30, 2026

Medium · CVSS 6.9

CVE-2018-25295: ObserverIP Scan Tool 1.4.0.1 Denial of Service via IP Field

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operation to cause an application crash.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25289: Softdisk 3.0.3 Buffer Overflow Denial of Service

Softdisk 3.0.3 contains a buffer overflow vulnerability in the registration code dialog that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by entering a 6000-byte payload in the Registration Name field through the Help menu's Enter Registration Code dialog to cause a denial of service.

Published Apr 26, 2026 · Updated Apr 27, 2026

High · CVSS 8.6

CVE-2018-25283: iSmartViewPro 1.5 Buffer Overflow via SavePath Parameter

iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to overwrite SEH records and execute shellcode with application privileges.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25277: PixGPS 1.1.8 Buffer Overflow Denial of Service

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denial of service condition.

Published Apr 26, 2026 · Updated Apr 27, 2026

High · CVSS 8.6

CVE-2018-25263: Faleemi Desktop Software 1.8.2 Local Buffer Overflow SEH

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log interface to execute arbitrary code with calculator proof-of-concept execution.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25264: TransMac 12.2 Denial of Service via License Key Field

TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25278: PicaJet FX 2.6.5 Denial of Service via Registration Fields

PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet dialog to trigger an application crash.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25284: HD Tune Pro 5.70 Denial of Service via Options Dialog

HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File > Options > Save dialog's folder/file name input field.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25290: Easyboot 6.6.0 Buffer Overflow Denial of Service

Easyboot 6.6.0 contains a buffer overflow vulnerability in the Replace Text function that allows local attackers to crash the application by supplying an oversized string. Attackers can trigger the vulnerability by accessing File > Tools > Replace Text and pasting a 7000-byte payload into the text fields to cause a denial of service.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.8

CVE-2018-25296: P10 Central Management Software 1.4.13 Denial of Service

P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an application crash and denial of service.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25273: CrossFont 7.5 Denial of Service via License Key Field

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an application crash when processing the input.

Published Apr 26, 2026 · Updated Apr 27, 2026

High · CVSS 8.7

CVE-2018-25294: CEWE Photoshow 6.3.4 Buffer Overflow Denial of Service

CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can inject 4000 bytes of data into the email address and password fields to trigger a denial of service condition.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25288: StyleWriter 1.0 Denial of Service via Pattern Input

StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 6000-byte payload into the Pattern to Find or Advice Message fields in the Add Pattern dialog to trigger a denial of service condition.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25279: jiNa OCR Image to Text 1.0 Denial of Service via PNG

jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert the file to PDF.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25282: Nmap 7.70 Denial of Service via XML Entity Expansion

Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.8

CVE-2018-25276: RoboImport 1.2.0.72 Denial of Service via Registration Fields

RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an application crash.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.8

CVE-2018-25285: Fathom 2.4 Denial of Service via Authorization Code Buffer Overflow

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of service condition.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25291: Project64 2.3.2 Denial of Service via Plugin Directory

Project64 2.3.2 contains a buffer overflow vulnerability in the Plugin Directory settings field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 6000-byte payload into the Plugin Directory field through the Options > Settings > Directories interface to trigger an application crash when settings are reopened.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25297: Wansview 1.0.2 Denial of Service via Buffer Overflow

Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Camera name and DID number fields during camera addition to trigger application crashes.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25274: InfraRecorder 0.53 Denial of Service via txt File Import

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an application crash.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.8

CVE-2018-25280: Infiltrator Network Security Scanner 4.6 Denial of Service

Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a 6000-byte payload into the Scan Target field and trigger a denial of service condition when the Scan button is clicked.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25286: Easy PhotoResQ 1.0 Buffer Overflow Denial of Service

Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25292: Bome Restorator 1793 Denial of Service via Buffer Overflow

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can create a malicious payload exceeding 4000 bytes and paste it into the Name input field to trigger an application crash and denial of service.

Published Apr 26, 2026 · Updated Apr 27, 2026

Medium · CVSS 6.9

CVE-2018-25275: Faleemi Plus 1.0.2 Denial of Service via Buffer Overflow

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the Camera name and DID number fields during camera addition to trigger an application crash.

Published Apr 26, 2026 · Updated Apr 27, 2026