| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion. |
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024.
These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file. |
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID. |
| Privilege escalation vulnerability in the NMS module
Impact: Successful exploitation of this vulnerability will affect availability. |
|
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service. |
| Business Logic Errors in GitHub repository microweber/microweber prior to 2.0. |
|
The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.
Successful exploitation of this vulnerability may allow attackers to access restricted functions.
|
| in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through type confusion. |
| H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL. |
| Improper Enforcement of Behavioral Workflow vulnerability in DECE Software Geodi allows Functionality Bypass.This issue affects Geodi: before 8.0.0.27396.
|
|
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
|
|
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
|
|
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
|
| marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows remote attackers to cause a denial of service by sending a malicious DHCP packet. The crash is caused by a type confusion bug that results in a large memory allocation; when this memory allocation fails the DHCP server will crash. |
| Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0.
|
| A vulnerability, which was classified as critical, has been found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this issue is some unknown functionality of the file /vm/admin/delete-doctor.php?id=2 of the component Redirect Handler. The manipulation leads to enforcement of behavioral workflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236216. |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion. |
| Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart. |
| Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart. |
| In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account. |
