Skip to main content
CVE-2018-12365 MEDIUM This Month

A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Server Aus +8
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-15765 MEDIUM This Month

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Secure Remote Services
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-1518 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Infosphere Information Server Infosphere Information Server On Cloud
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2018-12381 MEDIUM PATCH This Month

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Mozilla Microsoft Information Disclosure Firefox
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2018-12374 MEDIUM PATCH This Month

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Mozilla Information Disclosure Thunderbird Enterprise Linux Enterprise Linux Desktop +4
NVD
CVSS 3.0
4.3
EPSS
2.0%
CVE-2018-12367 MEDIUM This Month

In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Debian Linux Ubuntu Linux Firefox +1
NVD
CVSS 3.0
4.3
EPSS
2.0%
CVE-2018-12358 MEDIUM This Month

Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Ubuntu Linux
NVD
CVSS 3.0
4.3
EPSS
1.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy