CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7825 – Type confusion that can cause the WRSA.exe service to crash and generate a crash dump
https://notcve.org/view.php?id=CVE-2024-7825
03 Oct 2024 — Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3. • https://answers.webroot.com/Webroot/ukp.aspx?pid=12&app=vw&vw=1&login=1&json=1&solutionid=4275 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47804 – jenkins: Item creation restriction bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-47804
02 Oct 2024 — If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction. • https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46865 – fou: fix initialization of grc
https://notcve.org/view.php?id=CVE-2024-46865
27 Sep 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/231c235d2f7a66f018f172e26ffd47c363f244ef •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46859 – platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
https://notcve.org/view.php?id=CVE-2024-46859
27 Sep 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/e424fb8cc4e6634c10f8159b1ff5618cf7bab9c6 •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46858 – mptcp: pm: Fix uaf in __timer_delete_sync
https://notcve.org/view.php?id=CVE-2024-46858
27 Sep 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/00cfd77b9063dcdf3628a7087faba60de85a9cc8 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46855 – netfilter: nft_socket: fix sk refcount leaks
https://notcve.org/view.php?id=CVE-2024-46855
27 Sep 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/039b1f4f24ecc8493b6bb9d70b4b78750d1b35c2 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46852 – dma-buf: heaps: Fix off-by-one in CMA heap fault handler
https://notcve.org/view.php?id=CVE-2024-46852
27 Sep 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/a5d2d29e24be8967ef78a1b1fb2292413e3b3df9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46807 – drm/amd/amdgpu: Check tbo resource pointer
https://notcve.org/view.php?id=CVE-2024-46807
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/403009bfba45163887398652762ed1fc6645181c • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9122 – Debian Security Advisory 5775-1
https://notcve.org/view.php?id=CVE-2024-9122
24 Sep 2024 — Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43489 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43489
19 Sep 2024 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43489 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •