Vulnerabilities > Redhat > Enterprise Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2017-7753 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. | 6.4 |
2018-06-11 | CVE-2017-7752 | Use After Free vulnerability in multiple products A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. | 6.8 |
2018-06-11 | CVE-2017-5466 | Cross-site Scripting vulnerability in multiple products If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. | 4.3 |
2018-06-11 | CVE-2017-5465 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read while processing SVG content in "ConvolvePixel". | 6.4 |
2018-06-11 | CVE-2017-5455 | Multiple Security vulnerability in Mozilla Firefox The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. | 5.0 |
2018-06-11 | CVE-2017-5454 | Information Exposure vulnerability in multiple products A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. | 5.0 |
2018-06-11 | CVE-2017-5451 | Improper Input Validation vulnerability in multiple products A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. | 4.3 |
2018-06-11 | CVE-2017-5449 | Improper Input Validation vulnerability in multiple products A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. | 5.0 |
2018-06-11 | CVE-2017-5447 | Use After Free vulnerability in multiple products An out-of-bounds read during the processing of glyph widths during text layout. | 6.4 |
2018-06-11 | CVE-2017-5445 | Improper Validation of Array Index vulnerability in multiple products A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. | 5.0 |