CWE-843: CWE-843

CVE-2021-46878 is a type confusion vulnerability in Fluent Bit's msgpack parsing that leads to use-after-free conditions. Attackers can craft maliciou...

This vulnerability in Foxit PDF Editor allows remote attackers to execute arbitrary code by tricking users into opening malicious PDF files or visitin...

A use-after-free vulnerability in the Linux kernel's io_uring subsystem allows local attackers to crash the system or potentially escalate privileges....

Delta Electronics DIAScreen versions prior to 1.1.0 contain a type confusion vulnerability that could allow remote attackers to execute arbitrary code...

This CVE-2022-22661 is a type confusion vulnerability in macOS that allows an application to execute arbitrary code with kernel privileges. It affects...

This vulnerability allows local attackers with low-privileged access to escalate privileges to kernel-level execution through improper eBPF program va...

A Type Confusion vulnerability in Autodesk Design Review allows arbitrary code execution when processing malicious PDF files. This affects users of Au...

This vulnerability in Foxit Reader allows remote attackers to execute arbitrary code by tricking users into opening malicious PDF files or visiting ma...

This vulnerability allows local attackers to execute arbitrary code on Omron CX-One industrial automation software due to improper validation of user-...

A type confusion vulnerability in Open Design Alliance Drawings SDK allows attackers to crash applications by providing malformed .DXF or .DWG files. ...

This vulnerability in Delta Electronics CNCSoft-B allows attackers to execute arbitrary code by exploiting a type confusion issue when processing mali...

This Android vulnerability allows attackers to bypass intent security checks in AccountManagerService, enabling installation of unauthorized apps with...

This vulnerability in the jsonwebtoken Rust library allows attackers to bypass time-based security restrictions like 'Not Before' (nbf) and 'Expiratio...

A logic error in macOS iCloud Private Relay prevents activation when multiple users are logged in simultaneously, potentially exposing network traffic...

A type confusion vulnerability in libxslt's psvi memory field allows attackers to crash applications or corrupt memory during XML transformations. Thi...

A type confusion vulnerability in Microsoft Scripting Engine allows remote attackers to execute arbitrary code by sending specially crafted network re...

A type confusion vulnerability in Apple operating systems allows remote attackers to cause unexpected application termination. This affects users runn...

This CVE describes a type confusion vulnerability in Huawei's distributed file module that could allow attackers to cause denial of service through de...

Foxit PDF Reader and PDF Editor versions before 11.2.2 contain a type confusion vulnerability during JavaScript execution that can cause application c...

CVE-2021-39987 is a data processing error vulnerability in the HwNearbyMain module of HarmonyOS devices. Successful exploitation can cause process res...

This vulnerability in Softing Industrial Automation uaToolkit Embedded allows remote attackers to cause denial of service (DoS) by crashing the OPC/UA...

LinkJoin versions through commit 882f196 lack proper type checking in password reset functionality, allowing attackers to bypass authentication contro...

CVE-2023-0286 is a type confusion vulnerability in OpenSSL's X.400 address processing that can cause memory corruption when CRL checking is enabled. A...

A JIT (Just-In-Time) compilation vulnerability in Mozilla's JavaScript engine allows memory corruption through miscompiled code. This affects Firefox,...

A type confusion vulnerability in the Postscript interpreter of Lexmark devices allows attackers to execute arbitrary code by sending specially crafte...

A type confusion vulnerability in Lexmark printer PostScript interpreters allows attackers to inject resources and potentially execute arbitrary code....

CVE-2021-23440 is a type confusion vulnerability in the set-value npm package that allows attackers to bypass previous security fixes (CVE-2019-10747)...

This CVE-2024-49860 is a Linux kernel vulnerability in the ACPI sysfs subsystem where improper validation of the _STR method's return type could lead ...

CVE-2023-1077 is a type confusion vulnerability in the Linux kernel's real-time scheduler that can lead to memory corruption. This allows local attack...

A type confusion vulnerability in Windows Defender Firewall Service allows authenticated attackers to execute arbitrary code with elevated SYSTEM priv...

This CVE describes a type confusion vulnerability in the Windows Defender Firewall Service that allows an authenticated attacker to escalate privilege...

This vulnerability allows unauthenticated attackers to bypass authorization in the Brevo WordPress plugin using PHP type juggling. Attackers can disco...

A vulnerability in Zephyr's network stack allows specially crafted IPv4 packets with ICMP type 128 to be incorrectly processed as ICMPv6 Echo Requests...

An authorized MongoDB user can cause a server crash by issuing queries containing duplicate _id fields, leading to denial of service. This affects Mon...

This vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute arbitrary code over a network connection. It affects ...

This vulnerability in Microsoft Edge (Chromium-based) allows remote attackers to execute arbitrary code on affected systems by tricking users into vis...

This vulnerability in Microsoft Edge (Chromium-based) allows remote attackers to execute arbitrary code on affected systems by tricking users into vis...

This vulnerability in Google Chrome allows attackers to hide security warnings during file downloads, potentially tricking users into opening maliciou...

A Xen hypervisor vulnerability where HVM guests can set register values outside expected ranges during hypercall continuations, triggering a hyperviso...

This vulnerability in Microsoft Edge allows attackers to execute arbitrary code by exploiting memory corruption through specially crafted HTML content...

A type confusion vulnerability in macOS allows malicious applications to cause denial-of-service conditions by manipulating memory incorrectly. This a...

A regression in Preact versions 10.26.5 through 10.28.1 weakens JSON serialization protection, allowing specially-crafted JSON payloads to be incorrec...

This vulnerability in Windows Remote Desktop Gateway allows attackers to cause a denial of service by sending specially crafted requests. It affects o...

A type confusion vulnerability in Apple operating systems allows malicious apps to cause denial-of-service conditions by exploiting memory handling fl...

A type confusion vulnerability in Apple operating systems allows attackers with user privileges to read kernel memory. This affects macOS, iOS, and iP...

This CVE describes a logic flaw in macOS file handling that allows malicious applications to bypass intended access restrictions and read arbitrary fi...

This vulnerability in Android's framework prevents Mobile Device Management (MDM) policies from being properly saved due to a logic error in the Owner...

This CVE describes a type confusion vulnerability in Apple operating systems that allows a local attacker to cause unexpected system shutdowns. The is...

This vulnerability allows remote unauthenticated attackers to exploit a type confusion flaw in SuiteCRM's deleteAttachment functionality to modify dat...

A type confusion vulnerability exists in the user data import/export function of Mercedes Benz NTG 6 head units. Attackers with physical access to the...