CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-11-14
Waiting for details
CVE-2022-3903

Updating...
 

 
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.

 
2022-07-15
Waiting for details
CVE-2022-34221

Updating...
 

 
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

 
2022-05-24
Waiting for details
CVE-2021-32965

Updating...
 

 
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code.

 
2022-05-21
Waiting for details
CVE-2022-29209

Updating...
 

 
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have an incorrect logic when comparing `size_t` and `int` values. Due to type conversion rules, several of the macros would trigger incorrectly. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

 
2022-04-05
Medium
CVE-2022-0795

Vendor: Google
Software: Chrome
 

 
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
Medium
CVE-2022-0457

Vendor: Google
Software: Chrome
 

 
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
2022-03-31
Medium
CVE-2022-1176

Vendor: Livehelperchat
Software: Live helper chat
 

 
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.

 
2022-03-28
Medium
CVE-2021-26600

Vendor: Impresscms
Software: Impresscms
 

 
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).

 
2022-03-18
High
CVE-2022-22661

Vendor: Apple
Software: Macos
 

 
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to execute arbitrary code with kernel privileges.

 
2022-03-10
Medium
CVE-2021-40061

Vendor: Huawei
Software: EMUI
 

 
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top