CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 1CVE-2024-38178 – Microsoft Windows Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2024-38178
Scripting Engine Memory Corruption Vulnerability Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL. • https://github.com/uixss/PoC-CVE-2024-38178 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38219 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38219
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38219 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38218 – Microsoft Edge (HTML-based) Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2024-38218
Microsoft Edge (HTML-based) Memory Corruption Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7550
https://notcve.org/view.php?id=CVE-2024-7550
Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/355256380 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7520 – mozilla: Type confusion in WebAssembly
https://notcve.org/view.php?id=CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. ... A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. ... The Mozilla Foundation Security Advisory describes this flaw as: A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1903041 https://www.mozilla.org/security/advisories/mfsa2024-33 https://www.mozilla.org/security/advisories/mfsa2024-35 https://www.mozilla.org/security/advisories/mfsa2024-37 https://access.redhat.com/security/cve/CVE-2024-7520 https://bugzilla.redhat.com/show_bug.cgi?id=2303137 •