CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12834 – Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12834
20 Dec 2024 — Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.zerodayinitiative.com/advisories/ZDI-24-1722 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12836 – Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12836
20 Dec 2024 — Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.zerodayinitiative.com/advisories/ZDI-24-1724 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12692 – Debian Security Advisory 5834-1
https://notcve.org/view.php?id=CVE-2024-12692
18 Dec 2024 — Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La confusión de tipos en la versión 8 de Google Chrome anterior a la 131.0.6778.204 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. • https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2024-54505 – webkit: Processing maliciously crafted web content may lead to memory corruption
https://notcve.org/view.php?id=CVE-2024-54505
11 Dec 2024 — A type confusion issue was addressed with improved memory handling. ... Processing malicious web content can trigger a type confusion issue due to improper memory handling, causing memory corruption. • https://support.apple.com/en-us/121837 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-54529 – Apple Security Advisory 12-11-2024-5
https://notcve.org/view.php?id=CVE-2024-54529
11 Dec 2024 — MacOS suffers from a sandbox escape vulnerability due to a type confusion issue in coreaudiod/CoreAudio Framework. • https://packetstorm.news/files/id/188787 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54524 – Apple Security Advisory 12-11-2024-3
https://notcve.org/view.php?id=CVE-2024-54524
11 Dec 2024 — A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to access arbitrary files. macOS Sequoia 15.2 addresses bypass, code execution, and out of bounds access vulnerabilities. • https://support.apple.com/en-us/121839 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12381 – Debian Security Advisory 5829-1
https://notcve.org/view.php?id=CVE-2024-12381
11 Dec 2024 — Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-49119 – Windows Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49119
10 Dec 2024 — Windows Remote Desktop Services Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49119 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.4EPSS: 0%CPEs: 40EXPL: 0CVE-2024-49849
https://notcve.org/view.php?id=CVE-2024-49849
10 Dec 2024 — This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. • https://cert-portal.siemens.com/productcert/html/ssa-800126.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12053 – Debian Security Advisory 5824-1
https://notcve.org/view.php?id=CVE-2024-12053
03 Dec 2024 — Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •