CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-32057 – Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-32057
The affected application contains a type confusion vulnerability while parsing IGS files. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://cert-portal.siemens.com/productcert/html/ssa-064222.html https://cert-portal.siemens.com/productcert/html/ssa-976324.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0CVE-2024-30034 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30034
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30034 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-34394 – libxmljs2 namespaces type confusion RCE
https://notcve.org/view.php?id=CVE-2024-34394
libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes XmlNode::get_local_namespaces()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution. libxmljs2 es afectada por una vulnerabilidad de confusión de tipos cuando analiza un XML especialmente manipulado mientras se invoca la función namespaces() (que invoca XmlNode::get_local_namespaces()) en un nieto de un nodo que hace referencia a una entidad. • https://github.com/marudor/libxmljs2/issues/205 https://research.jfrog.com/vulnerabilities/libxmljs2-namespaces-type-confusion-rce-jfsa-2024-001034098 •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-34393 – libxmljs2 attrs type confusion RCE
https://notcve.org/view.php?id=CVE-2024-34393
libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled). libxmljs2 es afectada por una vulnerabilidad de confusión de tipos cuando se analiza un XML especialmente manipulado al invocar una función en el resultado de attrs() que se llamó en un nodo analizado. • https://github.com/marudor/libxmljs2/issues/204 https://research.jfrog.com/vulnerabilities/libxmljs2-attrs-type-confusion-rce-jfsa-2024-001034097 •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-34392 – libxmljs namespaces type confusion RCE
https://notcve.org/view.php?id=CVE-2024-34392
libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution. libxmljs es afectada por una vulnerabilidad de confusión de tipos cuando analiza un XML especialmente manipulado mientras se invoca la función namespaces() (que invoca _wrap__xmlNode_nsDef_get()) en un nieto de un nodo que hace referencia a una entidad. • https://github.com/libxmljs/libxmljs/issues/646 https://research.jfrog.com/vulnerabilities/libxmljs-namespaces-type-confusion-rce-jfsa-2024-001034096 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •