Vulnerabilities (CVE)

Filtered by CWE-843
Total 367 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4068 1 Google 1 Chrome 2024-01-31 N/A 8.1 HIGH
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3420 2 Debian, Google 2 Debian Linux, Chrome 2024-01-31 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3216 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-01-31 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3079 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-01-31 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2936 1 Google 1 Chrome 2024-01-31 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2935 1 Google 1 Chrome 2024-01-31 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-34967 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2024-01-30 N/A 5.3 MEDIUM
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.
CVE-2023-38074 1 Siemens 3 Jt2go, Teamcenter Visualization, Tecnomatix Plant Simulation 2024-01-25 N/A 7.8 HIGH
A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)
CVE-2024-0518 2 Fedoraproject, Google 2 Fedora, Chrome 2024-01-22 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2020-10757 7 Canonical, Debian, Fedoraproject and 4 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2024-01-19 6.9 MEDIUM 7.8 HIGH
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
CVE-2023-41075 1 Apple 3 Ipados, Iphone Os, Macos 2024-01-17 N/A 7.8 HIGH
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. An app may be able to execute arbitrary code with kernel privileges.
CVE-2023-41060 1 Apple 3 Ipados, Iphone Os, Macos 2024-01-16 N/A 8.8 HIGH
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. A remote user may be able to cause kernel code execution.
CVE-2023-42464 2 Debian, Netatalk 2 Debian Linux, Netatalk 2024-01-12 N/A 9.8 CRITICAL
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.
CVE-2023-32439 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-01-12 N/A 8.8 HIGH
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVE-2023-1077 3 Debian, Linux, Netapp 22 Debian Linux, Linux Kernel, 8300 and 19 more 2024-01-12 N/A 7.0 HIGH
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
CVE-2023-6939 1 Hihonor 1 Magic Ui 2024-01-05 N/A 5.5 MEDIUM
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service.
CVE-2023-23442 1 Hihonor 1 Magic Os 2024-01-04 N/A 7.1 HIGH
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
CVE-2023-23443 1 Hihonor 1 Magic Os 2024-01-04 N/A 7.1 HIGH
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
CVE-2023-51426 1 Hihonor 1 Magic Os 2024-01-04 N/A 7.1 HIGH
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
CVE-2023-51427 1 Hihonor 1 Magic Os 2024-01-04 N/A 7.1 HIGH
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.