High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2018-5130	Improper Input Validation vulnerability in multiple products When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. network low complexity debian redhat canonical mozilla CWE-20	8.8
2018-06-11	CVE-2018-5129	Out-of-bounds Write vulnerability in multiple products A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. network low complexity debian mozilla redhat canonical CWE-787	8.6
2018-06-11	CVE-2018-5127	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. network low complexity redhat debian canonical mozilla CWE-119	8.8
2018-06-11	CVE-2018-5125	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. network low complexity canonical redhat debian mozilla CWE-119	8.8
2018-06-11	CVE-2017-7846	Injection vulnerability in multiple products It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. network low complexity redhat debian mozilla CWE-74	8.8
2018-06-11	CVE-2017-7843	Information Exposure vulnerability in multiple products When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. network low complexity debian mozilla redhat CWE-200	7.5
2018-06-11	CVE-2017-7814	Improper Input Validation vulnerability in multiple products File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. local low complexity redhat mozilla debian CWE-20	7.8
2018-06-11	CVE-2017-7807	Improper Input Validation vulnerability in multiple products A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. network low complexity debian redhat mozilla CWE-20	8.1
2018-06-11	CVE-2017-7805	Use After Free vulnerability in multiple products During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. network low complexity mozilla debian CWE-416	7.5
2018-06-11	CVE-2017-7803	Improper Privilege Management vulnerability in multiple products When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. network low complexity redhat debian mozilla CWE-269	7.5