Total
296 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25721 | 1 Qualcomm | 90 Aqt1000, Aqt1000 Firmware, Mdm9150 and 87 more | 2023-01-12 | N/A | 7.8 HIGH |
| Memory corruption in video driver due to type confusion error during video playback | |||||
| CVE-2022-32814 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-12 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42841 | 1 Apple | 1 Macos | 2023-01-09 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution. | |||||
| CVE-2022-42856 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 8.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. | |||||
| CVE-2021-30859 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2023-01-09 | 9.3 HIGH | 7.8 HIGH |
| A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-31008 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 15.1, tvOS 15.1, iOS 15 and iPadOS 15, macOS Monterey 12.0.1, watchOS 8.1. Processing maliciously crafted web content may lead to code execution. | |||||
| CVE-2020-9800 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2023-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30852 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-42823 | 2 Apple, Fedoraproject | 7 Ipados, Iphone Os, Macos and 4 more | 2022-12-13 | N/A | 8.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2016-0985 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2022-12-09 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion." | |||||
| CVE-2022-3652 | 1 Google | 1 Chrome | 2022-12-09 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3723 | 1 Google | 1 Chrome | 2022-12-08 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3315 | 1 Google | 1 Chrome | 2022-12-08 | N/A | 8.8 HIGH |
| Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2022-3889 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-12-08 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-4262 | 1 Google | 1 Chrome | 2022-12-05 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-4174 | 1 Google | 1 Chrome | 2022-12-01 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2016-6992 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion." | |||||
| CVE-2018-4920 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2022-3903 | 1 Linux | 1 Linux Kernel | 2022-11-17 | N/A | 4.6 MEDIUM |
| An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system. | |||||
| CVE-2017-2995 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-17 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution. | |||||