CVE-2025-70023

CVE-2025-70023 affects transloadit uppy v0.25.6. The issue is CWE-843: Access of Resource Using Incompatible Type, caused by a type/resource access mismatch in the vulnerable component. CVSSv3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, ...

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

Security Bulletin: IBM QRadar App SDK for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. This product is only used by IBM QRadar SIEM app developers and external business partners and is not relevant for users o...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to OpenSSL (CVE-2024-6119, CVE-2024-5535)

Summary IBM App Connect Enterprise is vulnerable to a denial of service due to OpenSSL CVE-2024-6119, CVE-2024-5535 Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks e.g., TLS clients...

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2024-6119

Summary IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2024-6119 caused by an error when performing certificate name checks. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate...

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses cryptography-43.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to this CVE-2024-6119

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component component uses cryptography-43.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to this CVE-2024-6119. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

CVE-2024-45112 Acrobat Reader | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)

Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not...

Adobe Reader < 20.005.30680 / 24.003.20112 Multiple Vulnerabilities (APSB24-70) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 20.005.30680 or 24.003.20112. It is, therefore, affected by multiple vulnerabilities. - Access of Resource Using Incompatible Type 'Type Confusion' potentially leading to Arbitrary code execution CVE-2024-45112 -...

Adobe Acrobat < 20.005.30680 / 24.001.30187 / 24.003.20112 Multiple Vulnerabilities (APSB24-70) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 20.005.30680, 24.001.30187, or 24.003.20112. It is, therefore, affected by multiple vulnerabilities. - Access of Resource Using Incompatible Type 'Type Confusion' potentially leading to Arbitrary code execution...

Siemens Simcenter Femap

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Rockwell Automation Arena Simulation Software (Update B)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: Arena Simulation Software --------- Begin Update B Part 1 of 2 --------- Vulnerabilities: Use After Free, Information Exposure, Type Confusion, Insufficient UI Warning of Dangerous...

Thunderbird ESR < 60.7.XXX - Type Confusion Vulnerability

Type confusion in Thunderbird ============================= Severity Rating: Medium Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...

CVE-2018-7815

A Type Confusion CWE-843 vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 Gold Build 683.0 on c3core.dll which could cause remote code to be executed when parsing a GD1 file...

CVE-2018-7815

CVE-2018-7815 is a type confusion vulnerability in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) affecting c3core.dll, leading to remote code execution when parsing a GD1 file. Documents from ZDI describe the flaw as a type confusion in GUIcon’s GD1 parsing, with exploitation req...

CVE-2018-7815

A Type Confusion CWE-843 vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 Gold Build 683.0 on c3core.dll which could cause remote code to be executed when parsing a GD1 file...