CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5392
https://notcve.org/view.php?id=CVE-2017-5392
Note: This issue only affects Firefox for Android. ... This vulnerability affects Firefox < 51. ... Nota: este problema solo afecta a Firefox para Android. ... La vulnerabilidad afecta a Firefox en versiones anteriores a la 51. • http://www.securityfocus.com/bid/95763 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/show_bug.cgi?id=1293709 https://www.mozilla.org/security/advisories/mfsa2017-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0CVE-2017-7845
https://notcve.org/view.php?id=CVE-2017-7845
This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2. ... Esta vulnerabilidad afecta a las versiones anteriores a la 52.5.2 de Thunderbird, las versiones anteriores a la 52.5.2 de Firefox ESR y las versiones anteriores a la 57.0.2 de Firefox. • http://www.securityfocus.com/bid/102115 http://www.securitytracker.com/id/1040123 https://bugzilla.mozilla.org/show_bug.cgi?id=1402372 https://www.mozilla.org/security/advisories/mfsa2017-28 https://www.mozilla.org/security/advisories/mfsa2017-29 https://www.mozilla.org/security/advisories/mfsa2017-30 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5840
https://notcve.org/view.php?id=CVE-2018-5840
Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. Puede ocurrir una copia de búfer sin comprobación del tamaño de la entrada durante la secuencia de inicialización del controlador DRM SDE en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5846
https://notcve.org/view.php?id=CVE-2018-5846
A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. Puede ocurrir una condición de uso de memoria previamente liberada en el controlador IPA cuando las llamadas IOCTL IPA IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED son llamadas en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5850
https://notcve.org/view.php?id=CVE-2018-5850
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. En la función csr_update_fils_params_rso(), la validación insuficiente de un tamaño de clave puede resultar en un subdesbordamiento de enteros que conduce a un desbordamiento de búfer en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-191: Integer Underflow (Wrap or Wraparound) •