Total
658 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28575 | 1 Qualcomm | 120 205, 205 Firmware, 215 and 117 more | 2024-11-21 | 6.7 Medium |
| The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. | ||||
| CVE-2023-23442 | 1 Hihonor | 1 Magic Os | 2024-11-21 | 4.6 Medium |
| Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-21287 | 1 Google | 2 Admob, Android | 2024-11-21 | 9.8 Critical |
| In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-1235 | 1 Google | 1 Chrome | 2024-11-21 | 6.3 Medium |
| Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low) | ||||
| CVE-2023-1215 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-1214 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-1077 | 4 Debian, Linux, Netapp and 1 more | 23 Debian Linux, Linux Kernel, 8300 and 20 more | 2024-11-21 | 7.0 High |
| In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. | ||||
| CVE-2023-0703 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: Medium) | ||||
| CVE-2023-0702 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-0696 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-0473 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4174 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-48511 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.8 Critical |
| Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally. | ||||
| CVE-2022-46706 | 1 Apple | 3 Mac Os X, Macos, Securtiy Update Catalina | 2024-11-21 | 7.8 High |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-3889 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3652 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-3315 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2022-34918 | 5 Canonical, Debian, Linux and 2 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. | ||||
| CVE-2022-34221 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 7.8 High |
| Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-32814 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 7.8 High |
| A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | ||||