Type confusion in the Labcenter Electronics Proteus PDSPRJ file parser enables remote code execution when a user opens a malicious project file. Insufficient validation during file parsing lets an attacker trigger memory corruption and execute arbitrary code with the victim user's privileges. Exploitation requires social engineering to deliver a crafted PDSPRJ file via email, web download, or file sharing. Publicly available exploit code exists (ZDI advisory disclosure). The CVSS score of 7.8 reflects a local attack vector that requires user interaction but no authentication.
Type confusion vulnerability in the Google Chrome CSS engine (versions prior to 147.0.7727.55) enables heap corruption through malicious extensions. An attacker must convince a user to install a crafted Chrome extension; the exploit then triggers memory corruption with high-severity impacts: arbitrary code execution, information disclosure, and denial of service. The CVSS 8.8 rating reflects an unauthenticated network vector requiring only user interaction. No public exploit identified at time of analysis. The Chromium project classifies the severity as Low despite the 8.8 CVSS score, indicating barriers to successful exploitation beyond user interaction.
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Type confusion in Roundcube Webmail's password plugin allows authenticated users to change passwords without knowing the old password, affecting versions before 1.5.14 and 1.6.14. The vulnerability stems from incorrect password comparison logic that enables privilege escalation within an authenticated session. While the CVSS score of 4.2 reflects moderate severity and the requirement for prior authentication, the impact is direct account compromise for any authenticated user.
Type confusion in macOS memory handling allows local attackers to cause unexpected app termination through crafted user interaction, affecting macOS Sequoia before 15.6, Sonoma before 14.7.7, and Ventura before 13.7.7. With a CVSS score of 3.3 and SSVC exploitation status of 'none', this represents a low-severity local denial-of-service condition requiring user interaction; no public exploit code or active exploitation has been identified.
Type confusion in Free5GC 4.2.0's aper component allows remote attackers to trigger memory corruption and information disclosure with high attack complexity and without authentication. The vulnerability stems from improper type handling in ASN.1 parsing and has publicly available exploit code, though active exploitation at scale has not been confirmed. CVSS 6.3 with availability impact and exploit proof-of-concept disclosure warrant timely patching.
Parse Server versions prior to 8.6.70 and 9.7.0-alpha.18 allow authenticated users with find class-level permissions to bypass protectedFields restrictions on LiveQuery subscriptions by submitting array-like objects with numeric keys instead of proper arrays in $or, $and, or $nor operators. This enables information disclosure through a binary oracle attack that reveals whether protected fields match attacker-supplied values. The vulnerability requires prior authentication and find-level access but no user interaction, affecting all deployments of vulnerable Parse Server versions.
Type confusion in Apple's iOS, iPadOS, macOS, tvOS, visionOS, and watchOS allows local attackers to trigger unexpected application termination through memory corruption. The vulnerability affects multiple OS versions and currently lacks a publicly available patch. An attacker with local access can exploit this to cause denial of service by crashing targeted applications.
A JIT (Just-In-Time) miscompilation vulnerability exists in Firefox's JavaScript engine that can lead to information disclosure. This affects Firefox versions below 149 and Firefox ESR versions below 140.9. An attacker can exploit this vulnerability through malicious JavaScript code to potentially disclose sensitive information from the browser's memory or process space.