Vulnerabilities (CVE)

Filtered by CWE-843
Total 466 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21230 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21224 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2021-1829 1 Apple 1 Macos 2024-11-21 10.0 HIGH 9.8 CRITICAL
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-1789 3 Apple, Fedoraproject, Webkitgtk 8 Ipados, Iphone Os, Mac Os X and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-0352 1 Google 1 Android 2024-11-21 2.1 LOW 4.4 MEDIUM
In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05453809.
CVE-2020-9948 3 Apple, Debian, Webkit 3 Safari, Debian Linux, Webkitgtk\+ 2024-11-21 6.8 MEDIUM 8.8 HIGH
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9800 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9261 1 Huawei 2 Mate 30, Mate 30 Firmware 2024-11-21 6.8 MEDIUM 7.8 HIGH
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. The system does not properly check and transform the type of certain variable, the attacker tricks the user into installing then running a crafted application, successful exploit could cause code execution.
CVE-2020-7081 1 Autodesk 1 Fbx Software Development Kit 2024-11-21 9.3 HIGH 8.8 HIGH
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it.
CVE-2020-6656 1 Eaton 1 Easysoft 2024-11-21 6.8 MEDIUM 5.8 MEDIUM
Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user upload a malformed .E70 file in the application. The vulnerability arises due to improper validation of user data supplied through E70 file which is causing Type Confusion.
CVE-2020-6537 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2020-6533 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6512 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 9.3 HIGH 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6468 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6464 3 Debian, Google, Opensuse 3 Debian Linux, Chrome, Leap 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6430 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6418 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6383 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6382 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-5754 1 Webroot 1 Endpoint Agents 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent.