Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2018-5161	Improper Input Validation vulnerability in multiple products Crafted message headers can cause a Thunderbird process to hang on receiving the message. network redhat debian canonical mozilla CWE-20	4.3
2018-06-11	CVE-2018-5158	Code Injection vulnerability in multiple products The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. network debian redhat mozilla canonical CWE-94	6.8
2018-06-11	CVE-2018-5157	Information Exposure vulnerability in multiple products Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. network low complexity redhat debian canonical mozilla CWE-200	5.0
2018-06-11	CVE-2018-5146	Out-of-bounds Write vulnerability in multiple products An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. network redhat debian canonical mozilla CWE-787	6.8
2018-06-11	CVE-2018-5131	Information Exposure vulnerability in multiple products Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. network debian mozilla redhat canonical CWE-200	4.3
2018-06-11	CVE-2018-5130	Improper Input Validation vulnerability in multiple products When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. network debian redhat canonical mozilla CWE-20	6.8
2018-06-11	CVE-2018-5129	Out-of-bounds Write vulnerability in multiple products A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. network low complexity debian mozilla redhat canonical CWE-787	5.0
2018-06-11	CVE-2018-5127	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. network redhat debian canonical mozilla CWE-119	6.8
2018-06-11	CVE-2018-5125	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. network canonical redhat debian mozilla CWE-119	6.8
2018-06-11	CVE-2018-5117	If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. network low complexity debian redhat mozilla canonical	5.0