High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2018-5098	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. network low complexity debian redhat mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5097	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. network low complexity debian redhat mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5095	Use of Uninitialized Resource vulnerability in multiple products An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. network low complexity debian redhat mozilla canonical CWE-908	7.5
2018-06-11	CVE-2018-5092	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. network low complexity mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5091	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. network low complexity debian redhat mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5089	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. network low complexity canonical redhat debian mozilla CWE-119	7.5
2018-05-31	CVE-2018-6552	Unspecified vulnerability in Apport Project Apport Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. local low complexity apport-project canonical	7.2
2018-05-29	CVE-2018-11531	Out-of-bounds Write vulnerability in multiple products Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. network low complexity exiv2 debian canonical CWE-787	7.5
2018-05-28	CVE-2018-11506	Out-of-bounds Write vulnerability in multiple products The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. local low complexity linux canonical debian CWE-787	7.8
2018-05-26	CVE-2018-11490	Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. network low complexity sam2p-project giflib-project debian canonical CWE-129	8.8