Vulnerabilities > Mozilla
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2018-5108 | Information Exposure vulnerability in multiple products A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. | 4.3 |
2018-06-11 | CVE-2018-5107 | Link Following vulnerability in multiple products The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. | 5.3 |
2018-06-11 | CVE-2018-5106 | Information Exposure vulnerability in multiple products Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. | 5.3 |
2018-06-11 | CVE-2018-5105 | WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. | 7.8 |
2018-06-11 | CVE-2018-5104 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. | 9.8 |
2018-06-11 | CVE-2018-5103 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. | 9.8 |
2018-06-11 | CVE-2018-5102 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. | 9.8 |
2018-06-11 | CVE-2018-5101 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. | 7.5 |
2018-06-11 | CVE-2018-5100 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scripts. | 7.5 |
2018-06-11 | CVE-2018-5099 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. | 9.8 |