Filtered by CWE-843
Filtered by vendor Subscriptions
Total 688 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-32057 1 Siemens 2 Ps\/iges Parasolid Translator, Simcenter Femap 2025-08-20 7.8 High
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21562)
CVE-2024-32062 1 Siemens 2 Ps\/iges Parasolid Translator, Simcenter Femap 2025-08-20 7.8 High
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21568)
CVE-2024-32063 1 Siemens 2 Ps\/iges Parasolid Translator, Simcenter Femap 2025-08-20 7.8 High
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21573)
CVE-2025-50176 1 Microsoft 11 Directx, Server, Windows and 8 more 2025-08-19 7.8 High
Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.
CVE-2025-50168 1 Microsoft 11 Server, Windows, Windows 11 and 8 more 2025-08-19 7.8 High
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2025-49702 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-08-18 7.8 High
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-48815 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-08-18 7.8 High
Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2025-49713 1 Microsoft 1 Edge Chromium 2025-08-18 8.8 High
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2025-53145 1 Microsoft 21 Windows, Windows 10, Windows 10 1507 and 18 more 2025-08-18 8.8 High
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
CVE-2025-53144 1 Microsoft 20 Windows, Windows 10, Windows 10 1507 and 17 more 2025-08-18 8.8 High
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
CVE-2025-53143 1 Microsoft 21 Windows, Windows 10, Windows 10 1507 and 18 more 2025-08-18 8.8 High
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
CVE-2025-53726 1 Microsoft 21 Server, Windows, Windows 10 and 18 more 2025-08-18 7.8 High
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2025-53725 1 Microsoft 21 Server, Windows, Windows 10 and 18 more 2025-08-18 7.8 High
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2025-53724 1 Microsoft 17 Windows, Windows 10 1507, Windows 10 1607 and 14 more 2025-08-18 7.8 High
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2025-50155 1 Microsoft 19 Server, Windows, Windows 10 1507 and 16 more 2025-08-15 7.8 High
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2025-53739 1 Microsoft 13 365, 365 Apps, Excel and 10 more 2025-08-15 7.8 High
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54649 1 Huawei 1 Harmonyos 2025-08-13 4.5 Medium
Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect.
CVE-2023-51560 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-13 N/A
Foxit PDF Reader Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22259.
CVE-2025-27536 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.
CVE-2024-30357 3 Apple, Foxit, Microsoft 4 Macos, Pdf Editor, Pdf Reader and 1 more 2025-08-08 N/A
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818.