Total
658 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-8506 | 2 Apple, Redhat | 10 Icloud, Iphone Os, Itunes and 7 more | 2025-02-28 | 8.8 High |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2023-0083 | 1 Openatom | 1 Openharmony | 2025-02-27 | 4 Medium |
| The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash. | ||||
| CVE-2023-1076 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-02-24 | 5.5 Medium |
| A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. | ||||
| CVE-2023-1075 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-02-24 | 3.3 Low |
| A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. | ||||
| CVE-2023-21056 | 1 Google | 1 Android | 2025-02-21 | 6.7 Medium |
| In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245300559References: N/A | ||||
| CVE-2023-2033 | 4 Couchbase, Debian, Fedoraproject and 1 more | 4 Couchbase Server, Debian Linux, Fedora and 1 more | 2025-02-19 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-1096 | 1 Google | 1 Chrome | 2025-02-19 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-4262 | 1 Google | 1 Chrome | 2025-02-19 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-30563 | 1 Google | 1 Chrome | 2025-02-19 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2024-37603 | 2025-02-18 | 4.6 Medium | ||
| An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of the car is needed. With prepared data, an attacker can cause the User-Data service to fail. The failed service instance will restart automatically. | ||||
| CVE-2022-37377 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-02-14 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JavaScript optimizations. The issue results from an improper optimization, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16733. | ||||
| CVE-2023-32439 | 3 Apple, Redhat, Webkitgtk | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-14 | 8.8 High |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | ||||
| CVE-2024-11344 | 2025-02-13 | 7.3 High | ||
| A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. | ||||
| CVE-2024-11346 | 2025-02-13 | 7.3 High | ||
| : Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Lexmark International CX, XC, CS, et. Al. (Postscript interpreter modules) allows Resource Injection.This issue affects CX, XC, CS, et. Al.: from 001.001:0 through 081.231, from *.*.P001 through *.*.P233, from *.*.P001 through *.*.P759, from *.*.P001 through *.*.P836. | ||||
| CVE-2024-6100 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5843 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity: Medium) | ||||
| CVE-2024-5838 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5837 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5833 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5830 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||||