High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-18	CVE-2018-12370	Cross-Site Request Forgery (CSRF) vulnerability in multiple products In Reader View SameSite cookie protections are not checked on exiting. network low complexity canonical mozilla CWE-352	8.8
2018-10-18	CVE-2018-12364	Cross-Site Request Forgery (CSRF) vulnerability in multiple products NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. network low complexity redhat debian canonical mozilla CWE-352	8.8
2018-10-18	CVE-2018-12363	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. network low complexity redhat debian canonical mozilla CWE-416	8.8
2018-10-18	CVE-2018-12362	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. network low complexity redhat debian canonical mozilla CWE-190	8.8
2018-10-18	CVE-2018-12361	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur in the SwizzleData code while calculating buffer sizes. network low complexity mozilla debian canonical CWE-190	8.8
2018-10-18	CVE-2018-12360	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. network low complexity redhat debian canonical mozilla CWE-416	8.8
2018-10-18	CVE-2018-12359	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. network low complexity redhat debian canonical mozilla CWE-119	8.8
2018-10-17	CVE-2018-18445	Out-of-bounds Read vulnerability in multiple products In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. local low complexity linux canonical redhat CWE-125	7.8
2018-10-17	CVE-2018-3169	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network high complexity oracle redhat debian canonical hp	8.3
2018-10-17	CVE-2018-3155	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). network low complexity oracle netapp canonical	7.7