VDB
GCVE-110-MAGEIA-2018-480
GCVE-110-MAGEIA-2018-480
Advisory Published
- Buffer overflow using computed size of canvas element. (CVE-2018-12359)
- Use-after-free when using focus(). (CVE-2018-12360)
- Integer overflow in SwizzleData. (CVE-2018-12361)
- Integer overflow in SSSE3 scaler. (CVE-2018-12362)
- Media recorder segmentation fault when track type is changed during
capture. (CVE-2018-5156)
- Use-after-free when appending DOM nodes. (CVE-2018-12363)
- CSRF attacks through 307 redirects and NPAPI plugins. (CVE-2018-12364)
- Compromised IPC child process can list local filenames.
(CVE-2018-12365)
- Integer overflow in Skia library during edge builder allocation.
(CVE-2018-12371)
- Invalid data handling during QCMS transformations. (CVE-2018-12366)
- Timing attack mitigation of PerformanceNavigationTiming.
(CVE-2018-12367)
- No warning when opening executable SettingContent-ms files.
(CVE-2018-12368)
- Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and
Thunderbird 60. (CVE-2018-5187)
- Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, Firefox
ESR 52.9, and Thunderbird 60. (CVE-2018-5188)
- Use-after-free in refresh driver timers. (CVE-2018-12377)
- Use-after-free in IndexedDB. (CVE-2018-12378)
- Out-of-bounds write with malicious MAR file. (CVE-2018-12379)
- Proxy bypass using automount and autofs. (CVE-2017-16541)
- Crash in TransportSecurityInfo due to cached data. (CVE-2018-12385)
- Setting a master password post-Firefox 58 does not delete unencrypted
previously stored passwords. (CVE-2018-12383)
- Memory safety bugs fixed in Firefox 62, Firefox ESR 60.2, and
Thunderbird 60.2.1. (CVE-2018-12376)
- HTTP Live Stream audio data is accessible cross-origin.
(CVE-2018-12391)
- Crash with nested event loops. (CVE-2018-12392)
- Integer overflow during Unicode conversion while loading JavaScript.
(CVE-2018-12393)
- Memory safety bugs fixed in Firefox ESR 60.3 and Thunderbird 60.3.
(CVE-2018-12389)
- Memory safety bugs fixed in Firefox 63, Firefox ESR 60.3, and
Thunderbird 60.3. (CVE-2018-12390)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | thunderbird-l10n | 0 (affected), 60.3.3-1.mga6 (unaffected) | — |
| Mageia | thunderbird | 0 (affected), 60.3.3-3.mga6 (unaffected) | — |
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.