Total
451 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-1214 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2022-26433 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2024-02-28 | N/A | 6.7 MEDIUM |
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400. | |||||
CVE-2022-26435 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2024-02-28 | N/A | 6.7 MEDIUM |
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435. | |||||
CVE-2022-3889 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2022-1134 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-1314 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-1869 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 6.5 MEDIUM |
Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-32814 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-28 | N/A | 7.8 HIGH |
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-3903 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 4.6 MEDIUM |
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system. | |||||
CVE-2022-2971 | 1 Mz-automation | 1 Libiec61850 | 2024-02-28 | N/A | 7.5 HIGH |
MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) accesses a resource using an incompatible type, which could allow an attacker to crash the server with a malicious payload. | |||||
CVE-2022-32915 | 1 Apple | 1 Macos | 2024-02-28 | N/A | 7.8 HIGH |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-42823 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2024-02-28 | N/A | 8.8 HIGH |
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-3652 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2022-1486 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
CVE-2022-1232 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-34709 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-02-28 | N/A | 6.0 MEDIUM |
Windows Defender Credential Guard Security Feature Bypass Vulnerability | |||||
CVE-2022-34221 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-02-28 | N/A | 7.8 HIGH |
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-3315 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2022-1364 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-2295 | 2 Fedoraproject, Google | 3 Extra Packages For Enterprise Linux, Fedora, Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |