Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-01 | CVE-2015-0802 | Permissions, Privileges, and Access Controls vulnerability in multiple products Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods. | 5.0 |
| 2015-03-30 | CVE-2015-2305 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. | 6.8 |
| 2015-03-25 | CVE-2015-2317 | Cross-site Scripting vulnerability in multiple products The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL. | 4.3 |
| 2015-03-25 | CVE-2015-2316 | Resource Management Errors vulnerability in multiple products The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string. | 5.0 |
| 2015-03-24 | CVE-2015-0250 | XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file. | 6.4 |
| 2015-03-18 | CVE-2015-2296 | The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. | 6.8 |
| 2015-02-25 | CVE-2015-0834 | Information Exposure vulnerability in multiple products The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window. | 4.3 |
| 2015-02-25 | CVE-2015-0832 | 7PK - Security Features vulnerability in multiple products Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . | 5.0 |
| 2015-02-25 | CVE-2015-0831 | Use After Free Denial of Service vulnerability in Mozilla Firefox and Thunderbird Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation. | 6.8 |
| 2015-02-25 | CVE-2015-0830 | Resource Management Errors vulnerability in multiple products The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content. | 5.0 |