Total
706 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34392 | 1 Libxmljs Project | 1 Libxmljs | 2024-11-25 | 8.1 High |
| libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution. | ||||
| CVE-2024-34391 | 1 Libxmljs Project | 1 Libxmljs | 2024-11-25 | 8.1 High |
| libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled). | ||||
| CVE-2018-9339 | 1 Google | 1 Android | 2024-11-22 | 7.8 High |
| In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-5597 | 1 Fujielectric | 1 Monitouch V-sft | 2024-11-21 | 7.8 High |
| Fuji Electric Monitouch V-SFTÂ is vulnerable to a type confusion, which could cause a crash or code execution. | ||||
| CVE-2024-40788 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | 6.2 Medium |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. A local attacker may be able to cause unexpected system shutdown. | ||||
| CVE-2024-3298 | 2024-11-21 | 7.8 High | ||
| Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF. NOTE: this vulnerability was SPLIT from CVE-2024-1847. | ||||
| CVE-2024-36278 | 1 Openatom | 1 Openharmony | 2024-11-21 | 3.3 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion. | ||||
| CVE-2024-31071 | 1 Openatom | 1 Openharmony | 2024-11-21 | 3.3 Low |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion. | ||||
| CVE-2024-1848 | 2024-11-21 | 7.8 High | ||
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file. | ||||
| CVE-2024-1847 | 2024-11-21 | 7.8 High | ||
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID. | ||||
| CVE-2023-6939 | 1 Hihonor | 1 Magic Ui | 2024-11-21 | 4 Medium |
| Some Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service. | ||||
| CVE-2023-6045 | 1 Openatom | 1 Openharmony | 2024-11-21 | 5.9 Medium |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through type confusion. | ||||
| CVE-2023-51428 | 1 Hihonor | 1 Magic Os | 2024-11-21 | 4.6 Medium |
| Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-51427 | 1 Hihonor | 1 Magic Os | 2024-11-21 | 4.6 Medium |
| Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-51426 | 1 Hihonor | 1 Magic Os | 2024-11-21 | 4.6 Medium |
| Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-50433 | 2024-11-21 | 6.5 Medium | ||
| marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service by sending a malicious DHCP packet. The crash is caused by a type confusion bug that results in a large memory allocation; when this memory allocation fails the DHCP server will crash. | ||||
| CVE-2023-48694 | 1 Microsoft | 1 Azure Rtos Usbx | 2024-11-21 | 6.8 Medium |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host class, related to device linked classes, ASIX, Prolific, SWAR, audio, CDC ECM in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-46705 | 1 Openatom | 1 Openharmony | 2024-11-21 | 6.2 Medium |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion. | ||||
| CVE-2023-44108 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart. | ||||
| CVE-2023-44094 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 5.3 Medium |
| Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart. | ||||