| 0 |
| url |
VCID-2gc7-kn57-b3ak |
| vulnerability_id |
VCID-2gc7-kn57-b3ak |
| summary |
The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11378 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42184 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42277 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42252 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42181 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42239 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42268 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.4221 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42261 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42291 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42254 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00201 |
| scoring_system |
epss |
| scoring_elements |
0.42226 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11378 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11378
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2gc7-kn57-b3ak |
|
| 1 |
| url |
VCID-627w-z5ne-kye4 |
| vulnerability_id |
VCID-627w-z5ne-kye4 |
| summary |
The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11381 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48095 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48031 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48043 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11381 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11381
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-627w-z5ne-kye4 |
|
| 2 |
| url |
VCID-aekg-54vs-6yca |
| vulnerability_id |
VCID-aekg-54vs-6yca |
| summary |
In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-8810 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45292 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45372 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45392 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45336 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45391 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45413 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45382 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45383 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45435 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4543 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4538 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-8810 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-8810
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-aekg-54vs-6yca |
|
| 3 |
| url |
VCID-ausu-fn3w-kueu |
| vulnerability_id |
VCID-ausu-fn3w-kueu |
| summary |
The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11379 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48095 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48031 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48043 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11379 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11379
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ausu-fn3w-kueu |
|
| 4 |
| url |
VCID-bkmk-u5ep-w3cq |
| vulnerability_id |
VCID-bkmk-u5ep-w3cq |
| summary |
In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. Note that this issue is different from CVE-2018-8809, which was patched earlier. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-10187 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45292 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45372 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45392 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45336 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45391 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45413 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45382 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45383 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45435 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4543 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4538 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-10187 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-10187
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bkmk-u5ep-w3cq |
|
| 5 |
| url |
VCID-egzy-8xjc-muc1 |
| vulnerability_id |
VCID-egzy-8xjc-muc1 |
| summary |
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-8808 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45292 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45372 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45392 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45336 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45391 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45413 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45382 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45383 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45435 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4543 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4538 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-8808 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-8808
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-egzy-8xjc-muc1 |
|
| 6 |
| url |
VCID-fuw5-x3dd-6yg8 |
| vulnerability_id |
VCID-fuw5-x3dd-6yg8 |
| summary |
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11383 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48095 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48031 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48043 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11383 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11383
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fuw5-x3dd-6yg8 |
|
| 7 |
| url |
VCID-mcfw-hm7m-uuh5 |
| vulnerability_id |
VCID-mcfw-hm7m-uuh5 |
| summary |
In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted DEX file. This issue is different from CVE-2017-15368. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-10186 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45292 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45372 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45392 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45336 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45391 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45413 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45382 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45383 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45435 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4543 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4538 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-10186 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-10186
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mcfw-hm7m-uuh5 |
|
| 8 |
| url |
VCID-myn1-h1xa-5ba7 |
| vulnerability_id |
VCID-myn1-h1xa-5ba7 |
| summary |
The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11380 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48095 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48031 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48043 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11380 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11380
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-myn1-h1xa-5ba7 |
|
| 9 |
| url |
VCID-qvdt-rhku-v7cb |
| vulnerability_id |
VCID-qvdt-rhku-v7cb |
| summary |
The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11376 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48095 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48031 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48043 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11376 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11376
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qvdt-rhku-v7cb |
|
| 10 |
| url |
VCID-sf7m-amp2-ebde |
| vulnerability_id |
VCID-sf7m-amp2-ebde |
| summary |
The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11377 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49032 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48984 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49036 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48927 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48963 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.4899 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48944 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48998 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48994 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49011 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11377 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11377
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sf7m-amp2-ebde |
|
| 11 |
| url |
VCID-uxqx-tssw-jqfz |
| vulnerability_id |
VCID-uxqx-tssw-jqfz |
| summary |
In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-8809 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.3249 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32635 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.3267 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32493 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.3254 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32565 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32568 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32531 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32503 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32538 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32516 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.0013 |
| scoring_system |
epss |
| scoring_elements |
0.32484 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-8809 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-8809
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uxqx-tssw-jqfz |
|
| 12 |
| url |
VCID-vemn-pw8w-y3dq |
| vulnerability_id |
VCID-vemn-pw8w-y3dq |
| summary |
The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11384 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48046 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48095 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4809 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47976 |
| published_at |
2026-04-01T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48014 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48034 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48031 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48055 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48043 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11384 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11384
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vemn-pw8w-y3dq |
|