52.7.1

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2018-5174	Unspecified vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. network low complexity mozilla microsoft	5.0
2018-06-11	CVE-2018-5168	Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. network low complexity debian mozilla canonical redhat	5.0
2018-06-11	CVE-2018-5159	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. network low complexity debian redhat mozilla canonical CWE-190	7.5
2018-06-11	CVE-2018-5158	Code Injection vulnerability in multiple products The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. network debian redhat mozilla canonical CWE-94	6.8
2018-06-11	CVE-2018-5157	Information Exposure vulnerability in multiple products Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. network low complexity redhat debian canonical mozilla CWE-200	5.0
2018-06-11	CVE-2018-5155	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. network low complexity debian redhat mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5154	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. network low complexity debian redhat mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5150	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. network low complexity debian redhat mozilla canonical CWE-119	7.5
2018-06-11	CVE-2018-5148	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. network low complexity debian redhat mozilla canonical CWE-416	7.5
2018-06-11	CVE-2018-5147	Out-of-bounds Write vulnerability in multiple products The libtremor library has the same flaw as CVE-2018-5146. network low complexity debian mozilla CWE-787	7.5