|
248241
|
9.8 |
CRITICAL
Network
|
tibco
|
jasperreports_server jaspersoft_reporting_and_analytics jaspersoft
|
The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS wit…
|
CWE-863
Incorrect Authorization
|
CVE-2018-18815
|
2024-11-21 12:56 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248242
|
6.5 |
MEDIUM
Network
|
tibco
|
jasperreports_server jasperreports_library jaspersoft_reporting_and_analytics jaspersoft
|
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperRe…
|
CWE-22
Path Traversal
|
CVE-2018-18809
|
2024-11-21 12:56 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248243
|
7.5 |
HIGH
Network
|
tibco
|
jasperreports_server jaspersoft_reporting_and_analytics jaspersoft
|
The domain management component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft fo…
|
CWE-362
Race Condition
|
CVE-2018-18808
|
2024-11-21 12:56 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248244
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox thunderbird firefox_esr
|
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). T…
|
CWE-346
Origin Validation Error
|
CVE-2018-18499
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248245
|
6.5 |
MEDIUM
Network
|
mozilla canonical
|
firefox ubuntu_linux
|
Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argumen…
|
NVD-CWE-noinfo
|
CVE-2018-18497
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248246
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2018-18496
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248247
|
9.8 |
CRITICAL
Network
|
mozilla debian canonical redhat
|
firefox firefox_esr thunderbird debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterpri…
|
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bo…
|
CWE-787 CWE-190
Out-of-bounds Write Integer Overflow or Wraparound
|
CVE-2018-18498
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248248
|
6.5 |
MEDIUM
Network
|
mozilla canonical
|
firefox ubuntu_linux
|
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-18495
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248249
|
6.5 |
MEDIUM
Network
|
mozilla debian canonical redhat
|
firefox thunderbird firefox_esr debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterpri…
|
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This i…
|
CWE-346
Origin Validation Error
|
CVE-2018-18494
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248250
|
9.8 |
CRITICAL
Network
|
mozilla debian canonical redhat
|
firefox thunderbird firefox_esr debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_tus enterpri…
|
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-18493
|
2024-11-21 12:56 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|