Total
583 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-2097 | 1 Google | 1 Android | 2024-08-04 | N/A |
| In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117606285. | ||||
| CVE-2019-2052 | 1 Google | 1 Android | 2024-08-04 | N/A |
| In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117556606 | ||||
| CVE-2019-2047 | 1 Google | 1 Android | 2024-08-04 | N/A |
| In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117607414 | ||||
| CVE-2019-0988 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-08-04 | 7.5 High |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080. | ||||
| CVE-2019-0920 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-08-04 | N/A |
| A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0988, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080. | ||||
| CVE-2019-0810 | 1 Microsoft | 10 Chakracore, Edge, Windows 10 and 7 more | 2024-08-04 | 7.5 High |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | ||||
| CVE-2019-0752 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-08-04 | 7.5 High |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862. | ||||
| CVE-2020-36460 | 1 Model Project | 1 Model | 2024-08-04 | 8.1 High |
| An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type. | ||||
| CVE-2020-36229 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-08-04 | 7.5 High |
| A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. | ||||
| CVE-2020-35636 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2024-08-04 | 9.8 Critical |
| A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability. | ||||
| CVE-2020-27932 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-08-04 | 7.8 High |
| A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-25575 | 1 Failure Project | 1 Failure | 2024-08-04 | 9.8 Critical |
| An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010 | ||||
| CVE-2020-27293 | 1 Deltaww | 1 Cncsoft-b | 2024-08-04 | 7.8 High |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type confusion issue while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-26990 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 8.8 High |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing ASM files. A crafted ASM file could trigger a type confusion condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11897) | ||||
| CVE-2020-26980 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 8.8 High |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing JT files. A crafted JT file could trigger a type confusion condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11881) | ||||
| CVE-2020-25661 | 1 Redhat | 1 Enterprise Linux | 2024-08-04 | 7.5 High |
| A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2020-25016 | 1 Rgb-rust Project | 1 Rgb-rust | 2024-08-04 | 9.1 Critical |
| A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations. | ||||
| CVE-2020-22882 | 1 Moddable | 1 Moddable | 2024-08-04 | 7.5 High |
| Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61. | ||||
| CVE-2020-16229 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-08-04 | 7.8 High |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||||
| CVE-2020-16103 | 1 Gallagher | 1 Command Centre | 2024-08-04 | 8.8 High |
| Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This issue affects: Gallagher Command Centre 8.30 versions prior to 8.30.1236(MR1); 8.20 versions prior to 8.20.1166(MR3); 8.10 versions prior to 8.10.1211(MR5); version 8.00 and prior versions. | ||||