Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-26	CVE-2018-3760	Information Exposure vulnerability in multiple products There is an information leak vulnerability in Sprockets. network low complexity redhat sprockets-project debian CWE-200	5.0
2018-06-21	CVE-2018-3665	Information Exposure vulnerability in multiple products System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. local intel citrix canonical debian freebsd redhat CWE-200	4.7
2018-06-11	CVE-2018-5184	Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. network low complexity debian mozilla canonical redhat CWE-326	5.0
2018-06-11	CVE-2018-5117	If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. network low complexity debian redhat mozilla canonical	5.0
2018-06-11	CVE-2017-7848	Injection vulnerability in multiple products RSS fields can inject new lines into the created email structure, modifying the message body. network low complexity mozilla redhat debian CWE-74	5.0
2018-06-11	CVE-2017-7807	Improper Input Validation vulnerability in multiple products A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. network debian redhat mozilla CWE-20	5.8
2018-06-11	CVE-2017-7798	Code Injection vulnerability in multiple products The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. network debian redhat mozilla CWE-94	6.8
2018-06-11	CVE-2017-7791	Improper Input Validation vulnerability in multiple products On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. network low complexity debian redhat mozilla CWE-20	5.0
2018-06-11	CVE-2017-7787	Information Exposure vulnerability in multiple products Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. network low complexity debian redhat mozilla CWE-200	5.0
2018-06-11	CVE-2017-7754	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. network low complexity debian redhat mozilla CWE-125	5.0