|
1201
|
8.8
6.8
|
HIGH
Network
|
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5436
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1202
|
9.8
7.5
|
CRITICAL
Network
|
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderb…
|
CWE-416
Use After Free
|
CVE-2017-5435
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1203
|
9.8
7.5
|
CRITICAL
Network
|
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a poten…
|
CWE-416
Use After Free
|
CVE-2017-5433
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1204
|
9.8
7.5
|
CRITICAL
Network
|
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This functio…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5428
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1205
|
9.8
7.5
|
CRITICAL
Network
|
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5410
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1206
|
5.3
5.0
|
MEDIUM
Network
|
Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This…
|
CWE-200
Information Exposure
|
CVE-2017-5408
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1207
|
6.5
4.3
|
MEDIUM
Network
|
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history informatio…
|
CWE-200
Information Exposure
|
CVE-2017-5407
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1208
|
9.8
7.5
|
CRITICAL
Network
|
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This …
|
CWE-416
Use After Free
|
CVE-2017-5404
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1209
|
9.8
7.5
|
CRITICAL
Network
|
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. Th…
|
CWE-416
Use After Free
|
CVE-2017-5402
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1210
|
9.8
7.5
|
CRITICAL
Network
|
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul…
|
NVD-CWE-noinfo
|
CVE-2017-5390
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 12:27
2018-06-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|