| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges. |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to gain elevated project privileges by requesting access to projects where role modifications during the approval process resulted in unintended permission grants. |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| In avdt_msg_ind of avdt_msg.cc, there is a possible memory corruption due to type confusion. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. |
| Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally. |
| Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. |
| Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. |
| Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. |
