How severe is CVE-2018-12886?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2018-12886?

This is classified as CWE-209, which is a common weakness in software security.

CVE-2018-12886

HIGH Year: 2018

CVSS v3 Score

8.1

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-209

View all →

Vulnerability Description

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.

CVE-2018-8042

HIGH

CVSS:8.1(High)

Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services....

CWE-2092018

CVE-2022-22162

HIGH

CVSS:7.8(High)

A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the...

CWE-2092022

CVE-2020-15125

HIGH

CVSS:7.7(High)

In auth0 (npm package) versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Authorization header is n...

CWE-2092020

CVE-2024-11625

HIGH

CVSS:7.7(High)

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, fro...

CWE-2092024

CVE-2025-22218

HIGH

CVSS:7.7(High)

VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated ...

CWE-2092025

CVE-2018-17961

HIGH

CVSS:8.6(High)

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-20...

CWE-2092018

CVE-2018-12886

Vulnerability Description

Related Vulnerabilities

CVE-2018-8042

CVE-2022-22162

CVE-2020-15125

CVE-2024-11625

CVE-2025-22218

CVE-2018-17961