Total
496 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46706 | 1 Apple | 2 Mac Os X, Macos | 2023-08-19 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-32358 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-08-19 | N/A | 8.8 HIGH |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. | |||||
| CVE-2021-33624 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-08-08 | 4.7 MEDIUM | 4.7 MEDIUM |
| In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. | |||||
| CVE-2023-28729 | 1 Panasonic | 1 Control Fpwin Pro | 2023-07-31 | N/A | 7.8 HIGH |
| A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||||
| CVE-2023-27930 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-36887 | 1 Microsoft | 1 Edge Chromium | 2023-07-26 | N/A | 7.8 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2022-21656 | 1 Envoyproxy | 1 Envoy | 2023-07-24 | 5.8 MEDIUM | 5.9 MEDIUM |
| Envoy is an open source edge and service proxy, designed for cloud-native applications. The default_validator.cc implementation used to implement the default certificate validation routines has a "type confusion" bug when processing subjectAltNames. This processing allows, for example, an rfc822Name or uniformResourceIndicator to be authenticated as a domain name. This confusion allows for the bypassing of nameConstraints, as processed by the underlying OpenSSL/BoringSSL implementation, exposing the possibility of impersonation of arbitrary servers. As a result Envoy will trust upstream certificates that should not be trusted. | |||||
| CVE-2023-37376 | 1 Siemens | 1 Tecnomatix | 2023-07-18 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains a type confusion vulnerability while parsing STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21051) | |||||
| CVE-2022-23583 | 1 Google | 1 Tensorflow | 2023-07-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that any binary op would trigger `CHECK` failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the `dtype` no longer matches the `dtype` expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If `Tin` and `Tout` don't match the type of data in `out` and `input_*` tensors then `flat<*>` would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a `CHECK` crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-48511 | 1 Huawei | 2 Emui, Harmonyos | 2023-07-13 | N/A | 9.8 CRITICAL |
| Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally. | |||||
| CVE-2023-20768 | 2 Google, Mediatek | 43 Android, Mt6580, Mt6735 and 40 more | 2023-07-10 | N/A | 6.7 MEDIUM |
| In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07559800. | |||||
| CVE-2023-3022 | 1 Linux | 1 Linux Kernel | 2023-06-29 | N/A | 5.5 MEDIUM |
| A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress. | |||||
| CVE-2021-26635 | 1 Bandisoft | 1 Ark Library | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution. | |||||
| CVE-2022-1134 | 1 Google | 1 Chrome | 2023-06-12 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2023-20747 | 3 Google, Linuxfoundation, Mediatek | 48 Android, Iot-yocto, Yocto and 45 more | 2023-06-09 | N/A | 4.4 MEDIUM |
| In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121. | |||||
| CVE-2022-34709 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-05-31 | N/A | 6.0 MEDIUM |
| Windows Defender Credential Guard Security Feature Bypass Vulnerability | |||||
| CVE-2020-35636 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2023-05-30 | 7.5 HIGH | 9.8 CRITICAL |
| A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability. | |||||
| CVE-2023-20673 | 2 Google, Mediatek | 43 Android, Iot Yocto, Mt5696 and 40 more | 2023-05-24 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. | |||||
| CVE-2023-26063 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2023-05-08 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. | |||||
| CVE-2023-24823 | 1 Riot-os | 1 Riot | 2023-05-03 | N/A | 9.8 CRITICAL |
| RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a type confusion between IPv6 extension headers and a UDP header. This occurs while encoding a 6LoWPAN IPHC header. The type confusion manifests in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, apply the patches manually. | |||||