Vulnerabilities (CVE)

Filtered by CWE-843
Total 463 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-35356 1 Microsoft 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more 2024-05-29 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35297 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 8.1 HIGH
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-21675 1 Microsoft 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more 2024-05-29 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36594 1 Microsoft 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more 2024-05-29 N/A 7.8 HIGH
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-36578 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 7.3 HIGH
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-36017 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2024-05-29 N/A 8.8 HIGH
Windows Scripting Engine Memory Corruption Vulnerability
CVE-2023-28243 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 8.8 HIGH
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24944 1 Microsoft 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more 2024-05-29 N/A 6.5 MEDIUM
Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2023-24929 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 8.8 HIGH
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24927 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 8.8 HIGH
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24885 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-05-29 N/A 8.8 HIGH
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2024-20662 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2024-05-29 N/A 4.9 MEDIUM
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
CVE-2024-30034 2024-05-14 N/A 5.5 MEDIUM
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2023-38091 2024-05-03 N/A 7.8 HIGH
Kofax Power PDF response Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the app.response method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20601.
CVE-2023-42074 2024-05-03 N/A 7.8 HIGH
PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the addScript method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21338.
CVE-2023-51560 2024-05-03 N/A 7.8 HIGH
Foxit PDF Reader Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22259.
CVE-2024-25575 2024-04-30 N/A 8.8 HIGH
A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
CVE-2023-28575 1 Qualcomm 120 205, 205 Firmware, 215 and 117 more 2024-04-12 N/A 7.8 HIGH
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.
CVE-2024-20678 2024-04-10 N/A 8.8 HIGH
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2024-26232 2024-04-10 N/A 7.3 HIGH
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability