CVE-2024-7520 – mozilla: Type confusion in WebAssembly
https://notcve.org/view.php?id=CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. ... A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. ... The Mozilla Foundation Security Advisory describes this flaw as: A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1903041 https://www.mozilla.org/security/advisories/mfsa2024-33 https://www.mozilla.org/security/advisories/mfsa2024-35 https://www.mozilla.org/security/advisories/mfsa2024-37 https://access.redhat.com/security/cve/CVE-2024-7520 https://bugzilla.redhat.com/show_bug.cgi?id=2303137 •
CVE-2024-40803
https://notcve.org/view.php?id=CVE-2024-40803
A type confusion issue was addressed with improved checks. • https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214118 http://seclists.org/fulldisclosure/2024/Jul/20 http://seclists.org/fulldisclosure/2024/Jul/18 http://seclists.org/fulldisclosure/2024/Jul/19 •
CVE-2024-40788
https://notcve.org/view.php?id=CVE-2024-40788
A type confusion issue was addressed with improved memory handling. • https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214116 https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 https://support.apple.com/en-us/HT214118 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/23 http://seclists.org/fulldisclosure/2024/J •
CVE-2024-40626 – Stored Cross-site Scripting (XSS) vulnerability in Outline editor
https://notcve.org/view.php?id=CVE-2024-40626
A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. • https://github.com/outline/outline/security/advisories/GHSA-888c-mvg8-v6wh • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-37987 – Secure Boot Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-37987
Secure Boot Security Feature Bypass Vulnerability Vulnerabilidad de omisión de la función de seguridad de arranque seguro • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37987 • CWE-122: Heap-based Buffer Overflow CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •