Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5185 Missing Encryption of Sensitive Data vulnerability in multiple products
Plaintext of decrypted emails can leak through by user submitting an embedded form.
4.3
2018-06-11 CVE-2018-5184 Inadequate Encryption Strength vulnerability in multiple products
Using remote content in encrypted messages can lead to the disclosure of plaintext.
network
low complexity
debian mozilla canonical redhat CWE-326
5.0
2018-06-11 CVE-2018-5183 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Mozilla developers backported selected changes in the Skia library.
network
low complexity
redhat debian canonical mozilla CWE-119
7.5
2018-06-11 CVE-2018-5182 Information Exposure vulnerability in multiple products
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened.
network
low complexity
canonical mozilla CWE-200
5.0
2018-06-11 CVE-2018-5181 Information Exposure vulnerability in multiple products
If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy.
network
low complexity
canonical mozilla CWE-200
5.0
2018-06-11 CVE-2018-5180 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during WebGL operations.
network
low complexity
mozilla canonical CWE-416
5.0
2018-06-11 CVE-2018-5178 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data.
6.8
2018-06-11 CVE-2018-5177 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs.
network
low complexity
canonical mozilla CWE-119
5.0
2018-06-11 CVE-2018-5176 Improper Input Validation vulnerability in multiple products
The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links.
4.3
2018-06-11 CVE-2018-5175 Cross-site Scripting vulnerability in multiple products
A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'".
4.3