Total
466 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26635 | 1 Bandisoft | 1 Ark Library | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution. | |||||
| CVE-2021-26600 | 1 Impresscms | 1 Impresscms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==). | |||||
| CVE-2021-25177 | 2 Opendesign, Siemens | 4 Drawings Software Development Kit, Comos, Jt2go and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | |||||
| CVE-2021-24045 | 1 Facebook | 1 Hermes | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected. | |||||
| CVE-2021-24044 | 1 Facebook | 1 Hermes | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would invoke generator functions and error out on invalid await/yield positions. This could result in segmentation fault as a consequence of type confusion error, with a low chance of RCE. This issue affects Hermes versions prior to v0.10.0. | |||||
| CVE-2021-23954 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | |||||
| CVE-2021-23908 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2024-11-21 | 7.5 HIGH | 2.9 LOW |
| An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution. | |||||
| CVE-2021-23820 | 1 Jsonpointer Project | 1 Jsonpointer | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays. | |||||
| CVE-2021-23807 | 1 Jsonpointer Project | 1 Jsonpointer | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays. | |||||
| CVE-2021-23624 | 1 Dotty Project | 1 Dotty | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays. | |||||
| CVE-2021-23509 | 1 Json-ptr Project | 1 Json-ptr | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package json-ptr before 3.0.0. A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays. | |||||
| CVE-2021-23472 | 1 Bootstrap-table | 1 Bootstrap Table | 2024-11-21 | 4.3 MEDIUM | 3.1 LOW |
| This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set. | |||||
| CVE-2021-23447 | 1 Teddy Project | 1 Teddy | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array (instead of a string). | |||||
| CVE-2021-23444 | 1 Client | 1 Jointjs | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function. | |||||
| CVE-2021-23443 | 1 Adonisjs | 1 Edge | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array (instead of a string or a SafeValue), even if {{ }} are used. | |||||
| CVE-2021-23440 | 2 Oracle, Set-value Project | 2 Communications Cloud Native Core Policy, Set-value | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| This affects the package set-value before <2.0.1, >=3.0.0 <4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays. | |||||
| CVE-2021-23438 | 1 Mpath Project | 1 Mpath | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package mpath before 0.8.4. A type confusion vulnerability can lead to a bypass of CVE-2018-16490. In particular, the condition ignoreProperties.indexOf(parts[i]) !== -1 returns -1 if parts[i] is ['__proto__']. This is because the method that has been called if the input is an array is Array.prototype.indexOf() and not String.prototype.indexOf(). They behave differently depending on the type of the input. | |||||
| CVE-2021-23436 | 1 Immer Project | 1 Immer | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, this bypass is possible because the condition (p === "__proto__" || p === "constructor") in applyPatches_ returns false if p is ['__proto__'] (or ['constructor']). The === operator (strict equality operator) returns false if the operands have different type. | |||||
| CVE-2021-23434 | 2 Debian, Object-path Project | 2 Debian Linux, Object-path | 2024-11-21 | 7.5 HIGH | 5.6 MEDIUM |
| This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === '__proto__' returns false if currentPath is ['__proto__']. This is because the === operator returns always false when the type of the operands is different. | |||||
| CVE-2021-22354 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||