Total
451 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-21056 | 1 Google | 1 Android | 2024-02-28 | N/A | 6.7 MEDIUM |
In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245300559References: N/A | |||||
CVE-2023-1075 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 3.3 LOW |
A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. | |||||
CVE-2023-24823 | 1 Riot-os | 1 Riot | 2024-02-28 | N/A | 9.8 CRITICAL |
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a type confusion between IPv6 extension headers and a UDP header. This occurs while encoding a 6LoWPAN IPHC header. The type confusion manifests in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, apply the patches manually. | |||||
CVE-2022-42841 | 1 Apple | 1 Macos | 2024-02-28 | N/A | 7.8 HIGH |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution. | |||||
CVE-2023-0696 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-1215 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2022-4262 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-23455 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | |||||
CVE-2023-0286 | 2 Openssl, Stormshield | 3 Openssl, Stormshield Management Center, Stormshield Network Security | 2024-02-28 | N/A | 7.4 HIGH |
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. | |||||
CVE-2022-25721 | 1 Qualcomm | 90 Aqt1000, Aqt1000 Firmware, Mdm9150 and 87 more | 2024-02-28 | N/A | 7.8 HIGH |
Memory corruption in video driver due to type confusion error during video playback | |||||
CVE-2023-22579 | 1 Sequelizejs | 1 Sequelize | 2024-02-28 | N/A | 8.8 HIGH |
Due to improper parameter filtering in the sequalize js library, can a attacker peform injection. | |||||
CVE-2022-4174 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2022-20461 | 1 Google | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege of BLE with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228602963 | |||||
CVE-2023-1235 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 6.3 MEDIUM |
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low) | |||||
CVE-2023-0703 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: Medium) | |||||
CVE-2023-20616 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6735 and 42 more | 2024-02-28 | N/A | 6.7 MEDIUM |
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720. | |||||
CVE-2022-4205 | 1 Gitlab | 1 Gitlab | 2024-02-28 | N/A | 7.5 HIGH |
In Gitlab EE/CE before 15.6.1, 15.5.5 and 15.4.6 using a branch with a hexadecimal name could override an existing hash. | |||||
CVE-2023-23454 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | |||||
CVE-2023-0702 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-0473 | 1 Google | 1 Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |