Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5094 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized.
network
low complexity
mozilla canonical CWE-119
7.5
7.5
2018-06-11 CVE-2018-5093 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash.
network
low complexity
mozilla canonical CWE-119
7.5
7.5
2018-06-11 CVE-2018-5092 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations.
network
low complexity
mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5091 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5090 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 57.
network
low complexity
mozilla canonical CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-5089 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5.
network
low complexity
canonical redhat debian mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2017-7829 Improper Input Validation vulnerability in multiple products
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient.
network
low complexity
mozilla redhat debian canonical CWE-20
5.3
5.3
2018-06-11 CVE-2017-7826 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4.
network
low complexity
debian redhat canonical mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2017-7810 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3.
network
low complexity
debian redhat canonical mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-10360 Out-of-bounds Read vulnerability in multiple products
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
network
low complexity
file-project canonical opensuse CWE-125
6.5
6.5