Vulnerabilities > Mozilla

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5131 Information Exposure vulnerability in multiple products
Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should.
network
high complexity
debian mozilla redhat canonical CWE-200
5.9
5.9
2018-06-11 CVE-2018-5130 Improper Input Validation vulnerability in multiple products
When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered.
network
low complexity
debian redhat canonical mozilla CWE-20
8.8
8.8
2018-06-11 CVE-2018-5129 Out-of-bounds Write vulnerability in multiple products
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages.
network
low complexity
debian mozilla redhat canonical CWE-787
8.6
8.6
2018-06-11 CVE-2018-5128 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations.
network
low complexity
mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5127 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script.
network
low complexity
redhat debian canonical mozilla CWE-119
8.8
8.8
2018-06-11 CVE-2018-5126 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 58.
network
low complexity
mozilla canonical CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-5125 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6.
network
low complexity
canonical redhat debian mozilla CWE-119
8.8
8.8
2018-06-11 CVE-2018-5122 Integer Overflow or Wraparound vulnerability in multiple products
A potential integer overflow in the "DoCrypt" function of WebCrypto was identified.
network
low complexity
mozilla canonical CWE-190
critical
 9.8
9.8
2018-06-11 CVE-2018-5121 Improper Input Validation vulnerability in Mozilla Firefox
Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar.
network
low complexity
mozilla CWE-20
5.3
5.3
2018-06-11 CVE-2018-5119 Information Exposure vulnerability in multiple products
The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site.
network
low complexity
mozilla canonical CWE-200
5.3
5.3