Vulnerabilities > Canonical > Ubuntu Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2018-5146 | Out-of-bounds Write vulnerability in multiple products An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. | 8.8 |
| 2018-06-11 | CVE-2018-5144 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. | 7.3 |
| 2018-06-11 | CVE-2018-5141 | Improper Input Validation vulnerability in multiple products A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. | 8.2 |
| 2018-06-11 | CVE-2018-5137 | Information Exposure vulnerability in multiple products A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. | 7.5 |
| 2018-06-11 | CVE-2018-5136 | Improper Input Validation vulnerability in multiple products A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. | 7.5 |
| 2018-06-11 | CVE-2018-5130 | Improper Input Validation vulnerability in multiple products When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. | 8.8 |
| 2018-06-11 | CVE-2018-5129 | Out-of-bounds Write vulnerability in multiple products A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. | 8.6 |
| 2018-06-11 | CVE-2018-5127 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. | 8.8 |
| 2018-06-11 | CVE-2018-5125 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. | 8.8 |
| 2018-06-11 | CVE-2018-5115 | Information Exposure vulnerability in multiple products If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. | 7.5 |