Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
type confusion vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-46152
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a type confusion vulnerability while parsing NEU files. This could allow an malicious user to execute code in the context of the cu...
Siemens Simcenter Femap 2020.2
Siemens Simcenter Femap 2021.1
7.6
CVSSv2
CVE-2017-0037
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote malicious users to execute arbitrary code via vectors involving a crafte...
Microsoft Edge
Microsoft Internet Explorer 11
3 EDB exploits
1 Github repository
1 Article
NA
CVE-2023-4068
Type Confusion in V8 in Google Chrome before 115.0.5790.170 allowed a remote malicious user to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Google Chrome
7.6
CVSSv2
CVE-2018-0953
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-...
Microsoft Edge -
Microsoft Chakracore
1 EDB exploit
1 Article
6.8
CVSSv2
CVE-2007-3285
Mozilla Firefox prior to 2.0.0.5, when run on Windows, allows remote malicious users to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Fire...
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.6
Mozilla Firefox 1.5.8
Mozilla Firefox 2.0
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5.1
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.3
Mozilla Firefox 1.5.4
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
4.6
CVSSv2
CVE-2019-15793
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have...
Linux Linux Kernel 5.0
Linux Linux Kernel 5.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
1 EDB exploit
6.8
CVSSv2
CVE-2020-6418
Type confusion in V8 in Google Chrome before 80.0.3987.122 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 EDB exploit
4 Github repositories
2 Articles
7.6
CVSSv2
CVE-2017-11873
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an malicious user to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engin...
Microsoft Edge -
Microsoft Chakracore -
1 EDB exploit
1 Article
6.8
CVSSv2
CVE-2019-8765
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Watchos
1 EDB exploit
7.5
CVSSv2
CVE-2021-23440
This affects the package set-value before <2.0.1, >=3.0.0 <4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.
Set-value Project Set-value
Oracle Communications Cloud Native Core Policy 1.14.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »