How severe is CVE-2018-0894?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2018-0894?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2018-0894

MEDIUM Year: 2018

CVSS v3 Score

4.7

Medium

CVSS v2 Score

1.9

Low

Weakness Type

CWE-125

View all →

Vulnerability Description

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926.

CVE-2016-9811

MEDIUM

CVSS:4.7(Medium)

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a...

CWE-1252016

CVE-2017-12618

MEDIUM

CVSS:4.7(Medium)

Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A loca...

CWE-1252017

CVE-2017-4899

MEDIUM

CVSS:4.7(Medium)

VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. N...

CWE-1252017

CVE-2017-6883

MEDIUM

CVSS:4.7(Medium)

The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read an...

CWE-1252017

CVE-2018-10506

MEDIUM

CVSS:4.7(Medium)

A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a ...

CWE-1252018

CVE-2018-18398

MEDIUM

CVSS:4.7(Medium)

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploite...

CWE-1252018

CVE-2018-0894

Vulnerability Description

Related Vulnerabilities

CVE-2016-9811

CVE-2017-12618

CVE-2017-4899

CVE-2017-6883

CVE-2018-10506

CVE-2018-18398