Total
448 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-9795 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. | |||||
CVE-2019-7117 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-11707 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-02-28 | 7.5 HIGH | 8.8 HIGH |
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2. | |||||
CVE-2019-14537 | 1 Yourls | 1 Yourls | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass. | |||||
CVE-2019-0988 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080. | |||||
CVE-2019-7128 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-7069 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-9813 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. | |||||
CVE-2019-10231 | 1 Teclib-edition | 1 Gestionnaire Libre De Parc Informatique | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php). | |||||
CVE-2019-7970 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2019-2047 | 1 Google | 1 Android | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117607414 | |||||
CVE-2019-11706 | 1 Mozilla | 1 Thunderbird | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1. | |||||
CVE-2019-7087 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-7971 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2019-2130 | 1 Google | 1 Android | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132073833. | |||||
CVE-2019-8019 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
CVE-2019-7975 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
CVE-2019-10980 | 1 Laquisscada | 1 Scada | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). | |||||
CVE-2019-2052 | 1 Google | 1 Android | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117556606 | |||||
CVE-2019-5791 | 2 Google, Opensuse | 3 Chrome, Backports, Leap | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |