Page 12 of 1067 results (0.084 seconds)

CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0

03 Sep 2024 — A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. ... A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. ... The Mozilla Foundation's Security Advisory: A di... • https://bugzilla.mozilla.org/show_bug.cgi?id=1911909 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 0

03 Sep 2024 — Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. ... Seunghyun Lee discovered that Firefox contained a type confusion vulnerability when handling certain ArrayTypes. • https://bugzilla.mozilla.org/show_bug.cgi?id=1911288 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0

03 Sep 2024 — Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. ... Seunghyun Lee discovered that Firefox contained a type confusion vulnerability when handling certain ArrayTypes. • https://bugzilla.mozilla.org/show_bug.cgi?id=1908496 • CWE-862: Missing Authorization CWE-1188: Initialization of a Resource with an Insecure Default •

CVSS: 10.0EPSS: 14%CPEs: 36EXPL: 1

03 Sep 2024 — A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. ... A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. ... The Mozilla Foundation's Security... • https://github.com/bjrjk/CVE-2024-8381 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

28 Aug 2024 — Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

26 Aug 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/ae00e6536a2dd54b64b39e9a39548870cf835745 •

CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0

26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is not known or does not have a GRO handler. In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in gue_gro_receive on unsupported protocol Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is not known or does not have a GRO handler. ... • https://git.kernel.org/stable/c/a925a200299a6dfc7c172f54da6f374edc930053 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

26 Aug 2024 — /display/dc/hwss/dcn30/dcn30_hwseq.c:940 dcn30_apply_idle_power_optimizations() error: we previously assumed 'plane' could be null (see line 922) Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/fcf9d6a9f30ea414b6b84a6e901cebd44e146847 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

26 Aug 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/d0b8b23b9c2ebec693a36fea518d8f13493ad655 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

23 Aug 2024 — Microsoft Edge (HTML-based) Memory Corruption Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38207 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •