Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-ra25-57uw-wqc2
Vulnerability ID VCID-ra25-57uw-wqc2
Aliases CVE-2018-1120
Summary
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-122 Heap-based Buffer Overflow
System Score Found at
cvssv3 2.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1120.json
epss 0.0144 https://api.first.org/data/v1/epss?cve=CVE-2018-1120
epss 0.0144 https://api.first.org/data/v1/epss?cve=CVE-2018-1120
epss 0.0144 https://api.first.org/data/v1/epss?cve=CVE-2018-1120
epss 0.0144 https://api.first.org/data/v1/epss?cve=CVE-2018-1120
cvssv3 3.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux High https://security.archlinux.org/AVG-701
archlinux High https://security.archlinux.org/AVG-702
archlinux High https://security.archlinux.org/AVG-703
archlinux High https://security.archlinux.org/AVG-704
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1120.json
https://api.first.org/data/v1/epss?cve=CVE-2018-1120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1120
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1575472 https://bugzilla.redhat.com/show_bug.cgi?id=1575472
AVG-701 https://security.archlinux.org/AVG-701
AVG-702 https://security.archlinux.org/AVG-702
AVG-703 https://security.archlinux.org/AVG-703
AVG-704 https://security.archlinux.org/AVG-704
CVE-2018-1124;CVE-2018-1123;CVE-2018-1122;CVE-2018-1121;CVE-2018-1120 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44806.txt
RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948
RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083
RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096
RHSA-2020:3804 https://access.redhat.com/errata/RHSA-2020:3804
RHSA-2020:3810 https://access.redhat.com/errata/RHSA-2020:3810
USN-3752-1 https://usn.ubuntu.com/3752-1/
USN-3752-2 https://usn.ubuntu.com/3752-2/
USN-3752-3 https://usn.ubuntu.com/3752-3/
USN-3910-1 https://usn.ubuntu.com/3910-1/
USN-3910-2 https://usn.ubuntu.com/3910-2/
Data source Exploit-DB
Date added May 30, 2018
Description Procps-ng - Multiple Vulnerabilities
Ransomware campaign use Unknown
Source publication date May 30, 2018
Exploit type local
Platform linux
Source update date May 30, 2018
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1120.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.81147
EPSS Score 0.0144
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-10T18:06:27.488172+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 38.6.0