CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7971 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2024-7971
21 Aug 2024 — Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. ... Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. • https://github.com/mistymntncop/CVE-2024-7971 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7969 – Debian Security Advisory 5757-1
https://notcve.org/view.php?id=CVE-2024-7969
21 Aug 2024 — Type Confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52904 – ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()
https://notcve.org/view.php?id=CVE-2023-52904
21 Aug 2024 — Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. • https://git.kernel.org/stable/c/bfd36b1d1869859af7ba94dc95ec05e74f40d0b7 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-43817 – net: missing check virtio
https://notcve.org/view.php?id=CVE-2024-43817
17 Aug 2024 — offset+2 (4191) > skb_headlen() (1116) WARNING: CPU: 1 PID: 5084 at net/core/dev.c:3303 skb_checksum_help+0x5e2/0x740 net/core/dev.c:3303 Modules linked in: CPU: 1 PID: 5084 Comm: syz-executor336 Not tainted 6.7.0-rc3-syzkaller-00014-gdf60cee26a2e #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 RIP: 0010:skb_checksum_help+0x5e2/0x740 net/core/dev.c:3303 Code: 89 e8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 52 01 00 00 44 89 e2 2b 53 74 4c 89 ee 48 c7 c7 40 57 e9 8b e8 a... • https://git.kernel.org/stable/c/0f6925b3e8da0dbbb52447ca8a8b42b371aac7db • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34742
https://notcve.org/view.php?id=CVE-2024-34742
15 Aug 2024 — In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. • https://android.googlesource.com/platform/frameworks/base/+/688e5c3012eb0a4ea88361588cf5026c10e4a42c • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43357 – JavaScript specification issue may lead to type confusion and pointer dereference in implementations
https://notcve.org/view.php?id=CVE-2024-43357
15 Aug 2024 — A problem in the ECMAScript (JavaScript) specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type confusion and pointer dereference. A problem in the ECMAScript (JavaScript) specification of async generators, introduced by a May 2021 spec refactor, may lead to mis-implementation in a way that could present as a security vulnerability, such as type confusion and p... • https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r • CWE-248: Uncaught Exception CWE-476: NULL Pointer Dereference CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.6EPSS: 15%CPEs: 18EXPL: 1CVE-2024-38178 – Microsoft Windows Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2024-38178
13 Aug 2024 — Scripting Engine Memory Corruption Vulnerability Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL. • https://github.com/uixss/PoC-CVE-2024-38178 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38219 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38219
08 Aug 2024 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38219 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38218 – Microsoft Edge (HTML-based) Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2024-38218
08 Aug 2024 — Microsoft Edge (HTML-based) Memory Corruption Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7550 – Debian Security Advisory 5741-1
https://notcve.org/view.php?id=CVE-2024-7550
06 Aug 2024 — Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •