Total
270 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10495 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5586. | ||||
| CVE-2017-7813 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This vulnerability affects Firefox < 56. | ||||
| CVE-2017-16745 | 1 Deltaww | 1 Delta Industrial Automation Screen Editor | 2024-11-21 | N/A |
| A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing specially crafted .dpb files. | ||||
| CVE-2017-15413 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2017-13888 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| In iOS before 11.2, a type confusion issue was addressed with improved memory handling. | ||||
| CVE-2016-7398 | 1 Php | 1 Ext-http | 2024-11-21 | 9.8 Critical |
| A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests. | ||||
| CVE-2014-9627 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 7.8 High |
| The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size. | ||||
| CVE-2011-2337 | 1 Google | 1 Blink | 2024-11-21 | 9.8 Critical |
| A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms. | ||||
| CVE-2011-1805 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2011-1460 | 1 Google | 1 Blink | 2024-11-21 | 9.8 Critical |
| WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks. | ||||