CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-04-05
Medium
CVE-2022-0457

Vendor: Google
Software: Chrome
 

 
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
Medium
CVE-2022-0795

Vendor: Google
Software: Chrome
 

 
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
2022-03-31
Medium
CVE-2022-1176

Vendor: Livehelperchat
Software: Live helper chat
 

 
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.

 
2022-03-28
Medium
CVE-2021-26600

Vendor: Impresscms
Software: Impresscms
 

 
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).

 
2022-03-18
High
CVE-2022-22661

Vendor: Apple
Software: Macos
 

 
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to execute arbitrary code with kernel privileges.

 
2022-03-10
Medium
CVE-2021-40061

Vendor: Huawei
Software: EMUI
 

 
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.

 
2022-02-14
Medium
CVE-2021-46463

Vendor: Nginx
Software: NJS
 

 
njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().

 
2022-02-12
Medium
CVE-2022-0102

Vendor: Google
Software: Chrome
 

 
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
2022-02-09
Medium
CVE-2021-46152

Vendor: Siemens
Software: Simcenter femap
 

 
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a type confusion vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14643, ZDI-CAN-14644, ZDI-CAN-14755, ZDI-CAN-15183)

 
2022-02-03
Low
CVE-2022-21734

Vendor: Google
Software: Tensorflow
 

 
Tensorflow is an Open Source Machine Learning Framework. The implementation of `MapStage` is vulnerable a `CHECK`-fail if the key tensor is not a scalar. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top