Page 17 of 912 results (0.030 seconds)

CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through type confusion. OpenHarmony v3.2.4 y versiones anteriores permiten que un atacante local provoque que las aplicaciones fallen debido a confusión de tipos. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-04.md • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... Vulnerabilidad de ejecución remota de código de confusión de tipos de anotación AcroForm de Foxit PDF Reader. ... El problema se debe a la falta de una validación adecuada de los datos proporcionados por el usuario, lo que puede dar lugar a una condición de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-24-331 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 3

Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en WebAssembly en Google Chrome anterior a 123.0.6312.86 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. • https://github.com/rycbar77/CVE-2024-2887 https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-Poc https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html https://issues.chromium.org/issues/330588502 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3R •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file. Existen vulnerabilidades de desbordamiento de búfer de almacenamiento dinámico, corrupción de memoria, lectura fuera de los límites, escritura fuera de los límites, desbordamiento de búfer en la región stack de la memoria, confusión de tipos, variable no inicializada y Use-After-Free vulnerabilidades en el procedimiento de lectura de archivos en SOLIDWORKS Desktop en la versión SOLIDWORKS 2024. • https://www.3ds.com/vulnerability/advisories • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-416: Use After Free CWE-457: Use of Uninitialized Variable CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-908: Use of Uninitialized Resource •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-20: Improper Input Validation •