Search Results (1010 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-36278 1 Openatom 1 Openharmony 2024-11-21 3.3 Low
OpenHarmony v4.0.0 and prior versions allow a local attacker to cause apps to crash through type confusion.
CVE-2024-31071 1 Openatom 1 Openharmony 2024-11-21 3.3 Low
OpenHarmony v4.0.0 and prior versions allow a local attacker to cause apps to crash through type confusion.
CVE-2024-1847 2024-11-21 7.8 High
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID.
CVE-2023-7271 1 Huawei 2 Emui, Harmonyos 2024-11-21 5.5 Medium
Privilege escalation vulnerability in the NMS module. Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-6939 1 Hihonor 1 Magic Ui 2024-11-21 4 Medium
Some Honor products are affected by a type confusion vulnerability; successful exploitation could cause denial of service.
CVE-2023-6566 1 Microweber 1 Microweber 2024-11-21 6.5 Medium
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.
CVE-2023-6514 1 Huawei 2 Ajmd-370s, Ajmd-370s Firmware 2024-11-21 8.8 High
The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.
CVE-2023-6045 1 Openatom 1 Openharmony 2024-11-21 5.9 Medium
OpenHarmony v3.2.2 and prior versions allow a local attacker to achieve arbitrary code execution in pre-installed apps through type confusion.
CVE-2023-6017 1 H2o 1 H2o 2024-11-21 7.1 High
H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL.
CVE-2023-5921 1 Decesoftware 1 Geodi 2024-11-21 7.1 High
Improper Enforcement of Behavioral Workflow vulnerability in DECE Software Geodi allows Functionality Bypass. This issue affects Geodi: before 8.0.0.27396.
CVE-2023-51428 1 Hihonor 1 Magic Os 2024-11-21 4.6 Medium
Some Honor products are affected by a type confusion vulnerability; successful exploitation could cause information leak.
CVE-2023-51427 1 Hihonor 1 Magic Os 2024-11-21 4.6 Medium
Some Honor products are affected by a type confusion vulnerability; successful exploitation could cause information leak.
CVE-2023-51426 1 Hihonor 1 Magic Os 2024-11-21 4.6 Medium
Some Honor products are affected by a type confusion vulnerability; successful exploitation could cause information leak.
CVE-2023-4304 1 Froxlor 1 Froxlor 2024-11-21 3.8 Low
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0.
CVE-2023-4181 1 Mayurik 1 Free Hospital Management System For Small Practices 2024-11-21 5.4 Medium
A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php?id=2 of the component Redirect Handler. The manipulation leads to enforcement of behavioral workflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236216.
CVE-2023-46705 1 Openatom 1 Openharmony 2024-11-21 6.2 Medium
OpenHarmony v3.2.2 and prior versions allow a local attacker to cause a system information leak through type confusion.
CVE-2023-44108 1 Huawei 2 Emui, Harmonyos 2024-11-21 7.5 High
Type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerability may cause the device to restart.
CVE-2023-44094 1 Huawei 2 Emui, Harmonyos 2024-11-21 5.3 Medium
Type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerability may cause the device to restart.
CVE-2023-43154 1 Macs Cms Project 1 Macs Cms 2024-11-21 9.8 Critical
In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, a loose comparison in the "isValidLogin()" function during a login attempt results in a PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.
CVE-2023-42464 2 Debian, Netatalk 2 Debian Linux, Netatalk 2024-11-21 9.8 Critical
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.