CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-30357 – Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30357
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... Vulnerabilidad de ejecución remota de código de confusión de tipos de anotación AcroForm de Foxit PDF Reader. ... El problema se debe a la falta de una validación adecuada de los datos proporcionados por el usuario, lo que puede dar lugar a una condición de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-331 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 3CVE-2024-2887 – Google Chrome WASM Improper Input Validation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-2887
Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en WebAssembly en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. • https://github.com/rycbar77/CVE-2024-2887 https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-Poc https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/330588502 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3R •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-1848 – Multiple vulnerabilities exist in file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024
https://notcve.org/view.php?id=CVE-2024-1848
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file. Existen vulnerabilidades de desbordamiento de búfer de almacenamiento dinámico, corrupción de memoria, lectura fuera de los límites, escritura fuera de los límites, desbordamiento de búfer en la región stack de la memoria, confusión de tipos, variable no inicializada y Use-After-Free vulnerabilidades en el procedimiento de lectura de archivos en SOLIDWORKS Desktop en la versión SOLIDWORKS 2024. • https://www.3ds.com/vulnerability/advisories • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-416: Use After Free CWE-457: Use of Uninitialized Variable CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-908: Use of Uninitialized Resource •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26000 – PHOENIX CONTACT: Out of bounds read only memory access
https://notcve.org/view.php?id=CVE-2024-26000
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27236
https://notcve.org/view.php?id=CVE-2024-27236
In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. ... En aoc_unlocked_ioctl de aoc.c, existe una posible corrupción de memoria debido a confusión de tipos. • https://source.android.com/security/bulletin/pixel/2024-03-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •