CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2018-11-05
Medium
CVE-2018-17913

Vendor: Omron
Software: Cx-supervisor
 

 
A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.

 
2018-10-18
Medium
CVE-2018-12386

Vendor: Mozilla
Software: Firefox
 

 
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.

 
2018-10-17
Low
CVE-2018-18386

Vendor: Linux
Software: Linux kernel
 

 
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.

 
2018-10-12
High
CVE-2018-12876

Vendor: Adobe
Software: Acrobat
 

 
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

 
High
CVE-2018-12858

Vendor: Adobe
Software: Acrobat
 

 
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

 
High
CVE-2018-12835

Vendor: Adobe
Software: Acrobat
 

 
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

 
2018-09-05
Medium
CVE-2018-16511

Vendor: Artifex
Software: Ghostscript
 

 
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.

 
Medium
CVE-2018-16513

Vendor: Artifex
Software: Ghostscript
 

 
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

 
2018-08-30
Medium
CVE-2018-14317

Vendor: Foxitsoftware
Software: Foxit reader
 

 
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6683.

 
2018-08-28
Medium
CVE-2017-15413

Vendor: Google
Software: Chrome
 

 
Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top