83 results (0.216 seconds)

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

12 Nov 2024 — .NET and Visual Studio Remote Code Execution Vulnerability A type confusion vulnerability was found in .NET 9.0 Core in .NET that leads to AV in the .NET Core NrbfDecoder component. An update for firefox is now available for Red Hat Enterprise Linux 9. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.0EPSS: 0%CPEs: 21EXPL: 0

06 Sep 2024 — An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. ... The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion,... • https://bugzilla.mozilla.org/show_bug.cgi?id=1901411 • CWE-476: NULL Pointer Dereference CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0

03 Sep 2024 — This vulnerability affects Firefox < 130 and Firefox ESR < 128.2. ... This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. ... Multiple security issues were discovered in Firefox. ... Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. • https://bugzilla.mozilla.org/show_bug.cgi?id=1907032 • CWE-290: Authentication Bypass by Spoofing CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0

03 Sep 2024 — A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. ... A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. ... The Mozilla Foundation's Security Advisory: A di... • https://bugzilla.mozilla.org/show_bug.cgi?id=1911909 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 0

03 Sep 2024 — This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. ... This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15. ... USN-6992-1 fixed vulnerabilities in Firefox. ... Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. ... Seunghyun Lee discovered that Firef... • https://bugzilla.mozilla.org/show_bug.cgi?id=1911288 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0

03 Sep 2024 — The website that served the application download could then launch that application at will This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. ... This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. ... USN-6992-1 fixed vulnerabilities in Firefox. ... Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lo... • https://bugzilla.mozilla.org/show_bug.cgi?id=1908496 • CWE-862: Missing Authorization CWE-1188: Initialization of a Resource with an Insecure Default •

CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 1

03 Sep 2024 — A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. ... A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. ... The Mozilla Foundation's Security... • https://github.com/bjrjk/CVE-2024-8381 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 0%CPEs: 31EXPL: 0

06 Aug 2024 — A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129 and Firefox ESR < 128.1. A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. ... The Mozilla Foundation Security Advisory describes this fla... • https://bugzilla.mozilla.org/show_bug.cgi?id=1903041 •

CVSS: 7.6EPSS: 0%CPEs: 36EXPL: 0

16 Apr 2024 — This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. ... Esta vulnerabilidad afecta a Firefox &lt; 125 y Firefox ESR &lt; 115.10. ... Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or clickjacking. • https://bugzilla.mozilla.org/show_bug.cgi?id=1883542 • CWE-386: Symbolic Name not Mapping to Correct Object CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

16 Mar 2023 — While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. ... This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. The Mozilla Foundation Security Advisory describes this flaw as: While implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. ... Multiple security issues were discovered in Firefox. ... Lukas Bernhard discovered that Firef... • https://bugzilla.mozilla.org/show_bug.cgi?id=1811327 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •