Log

CVE-2018-18357 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ An insufficient policy enforcement issue has been found in the URL Formatter component of chromium before 71.0.3578.80.
References
+ https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
+ https://bugs.chromium.org/p/chromium/issues/detail?id=895207
Notes
CVE-2018-18358 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ An insufficient policy enforcement issue has been found in the Proxy component of chromium before 71.0.3578.80.
References
+ https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
+ https://bugs.chromium.org/p/chromium/issues/detail?id=899126
Notes
CVE-2018-18359 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ An out-of-bounds read has been found in the V8 component of chromium before 71.0.3578.80.
References
+ https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
+ https://bugs.chromium.org/p/chromium/issues/detail?id=907714
Notes
CVE-2018-18445 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ In the Linux kernel 4.14.x before 4.14.75 and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
References
+ http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b799207e1e1816b09e7a5920fbb2d5fcf6edd681
+ https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.13
+ https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.75
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
+ https://seclists.org/oss-sec/2018/q4/69
Notes
CVE-2018-18492 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free has been found in Firefox < 64.0, after deleting a selection element due to a weak reference to the select element in the options collection.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18492
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1499861
Notes
CVE-2018-18493 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A buffer overflow can occur in the Skia library use by Firefox < 64.0, during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18493
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1504452
Notes
CVE-2018-18494 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Same-origin policy bypass
Description
+ A same-origin policy violation has been found in Firefox < 64.0, allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries().
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18494
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1487964
Notes
CVE-2018-18495 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A security issue has been found in Firefox < 64.0, where WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18495
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1427585
Notes
CVE-2018-18497 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A security issue has been found in Firefox < 64.0, where limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to opened privileged about: or file: locations.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18497
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1488180
Notes
CVE-2018-18500 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free vulnerability has been found in Firefox < 65.0, that can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/#CVE-2018-18500
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1510114
Notes