CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2019-04-03
High
CVE-2018-4285

Vendor: Apple
Software: Mac os x
 

 
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.

 
Medium
CVE-2018-4284

Vendor: Apple
Software: Icloud
 

 
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

 
2019-03-05
Medium
CVE-2019-6215

Vendor: Apple
Software: Icloud
 

 
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

 
Medium
CVE-2019-6214

Vendor: Apple
Software: Iphone os
 

 
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

 
2019-02-20
Medium
CVE-2018-5817

Vendor: Libraw
Software: Libraw
 

 
A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.

 
2019-02-19
Medium
CVE-2019-5757

Vendor: Google
Software: Chrome
 

 
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.

 
2019-02-06
Medium
CVE-2018-7815

Vendor: Schneider-electric
Software: Guicon
 

 
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file

 
Medium
CVE-2018-7813

Vendor: Schneider-electric
Software: Guicon
 

 
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file

 
2019-01-30
Medium
CVE-2018-19027

Vendor: Omron
Software: Cx-one
 

 
Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

 
2019-01-23
Medium
CVE-2018-17685

Vendor: Foxitsoftware
Software: Phantompdf
 

 
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6819.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top