Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
type confusion vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2018-8229
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2...
Microsoft Edge -
Microsoft Chakracore
1 EDB exploit
1 Article
6.8
CVSSv2
CVE-2021-27038
A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. A malicious actor can leverage this to execute arbitrary code.
Autodesk Design Review 2013
Autodesk Design Review 2012
Autodesk Design Review 2018
Autodesk Design Review 2011
Autodesk Design Review 2017
6.8
CVSSv2
CVE-2020-27257
This vulnerability allows local malicious users to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.
Omron Cx-one
Omron Cx-position
Omron Cx-protocol
Omron Cx-server
NA
CVE-2023-2935
Type Confusion in V8 in Google Chrome before 114.0.5735.90 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
7.5
CVSSv2
CVE-2015-0803
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox prior to 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote malicious users to execute arbitrary code or cause a de...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
7.5
CVSSv2
CVE-2015-0804
The HTMLSourceElement::BindToTree function in Mozilla Firefox prior to 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote malicious users to execute arbitrary code or cause a denial of servi...
Mozilla Firefox
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
7.6
CVSSv2
CVE-2017-11914
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an malicious user to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabi...
Microsoft Edge -
Microsoft Chakracore
1 EDB exploit
NA
CVE-2023-45204
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a type confusion vulnerability while parsing specially crafted IGS files. T...
Siemens Tecnomatix
6.8
CVSSv2
CVE-2016-5637
The restore_tqb_pixels function in libbpg 0.9.5 up to and including 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a &qu...
Libbpg Project Libbpg
NA
CVE-2023-37376
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains a type confusion vulnerability while parsing STP files. This could allow an...
Siemens Tecnomatix
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »