CVE-2010-2299 — CVSS 10.0 (critical): The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle…
CVE-2026-13776 — CVSS 9.8 (critical): Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to…
CVE-2026-43038 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko…
CVE-2025-70023 — CVSS 9.8 (critical): An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6.
CVE-2026-4702 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and…
CVE-2026-4698 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR…
CVE-2026-2796 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
CVE-2025-65570 — CVSS 9.8 (critical): A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP_NEXT opcode. When an “instanceof” expression…
CVE-2025-47151 — CVSS 9.8 (critical): A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A…
CVE-2025-22435 — CVSS 9.8 (critical): In avdt_msg_ind of avdt_msg.cc, there is a possible memory corruption due to type confusion. This could lead to paired device escalation of…
CVE-2024-7825 — CVSS 9.8 (critical): Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit…
CVE-2024-7824 — CVSS 9.8 (critical): Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit…
CVE-2024-8385 — CVSS 9.8 (critical): A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability…
CVE-2024-8381 — CVSS 9.8 (critical): A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with`…
CVE-2024-20078 — CVSS 9.8 (critical): In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System…
CVE-2024-5436 — CVSS 9.8 (critical): Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution prior to version 12.88. We recommend…
CVE-2023-43154 — CVSS 9.8 (critical): In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt…
CVE-2023-42464 — CVSS 9.8 (critical): A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC…
CVE-2023-21287 — CVSS 9.8 (critical): In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no…
CVE-2023-38199 — CVSS 9.8 (critical): coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms…
CVE-2023-25933 — CVSS 9.8 (critical): A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to…
CVE-2023-23557 — CVSS 9.8 (critical): An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a…
CVE-2021-26600 — CVSS 9.8 (critical): ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).
CVE-2021-46463 — CVSS 9.8 (critical): njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in…
CVE-2021-24044 — CVSS 9.8 (critical): By passing invalid javascript code where await and yield were called upon non-async and non-generator getter/setter functions, Hermes would…
CVE-2021-24045 — CVSS 9.8 (critical): A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that…
CVE-2021-1829 — CVSS 9.8 (critical): A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.3. An application may be able to…
CVE-2019-25010 — CVSS 9.8 (critical): An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when __private_get_type_id__ is…
CVE-2020-25575 — CVSS 9.8 (critical): An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has…
CVE-2020-1911 — CVSS 9.8 (critical): A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes…
CVE-2020-10611 — CVSS 9.8 (critical): Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary…
CVE-2020-11603 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. Type confusion in the MLDAP…
CVE-2019-20589 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SKPM…
CVE-2019-20588 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEM…
CVE-2019-20587 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the MLDAP…
CVE-2019-20586 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the…
CVE-2019-20585 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEC_FR…
CVE-2019-20584 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP…
CVE-2019-20583 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the EXT_FR…
CVE-2019-20571 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. There is type confusion in the WVDRM Trustlet…
CVE-2016-1000005 — CVSS 9.8 (critical): mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data…
CVE-2019-7131 — CVSS 9.8 (critical): Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and…
CVE-2019-8200 — CVSS 9.8 (critical): Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and…
CVE-2019-8169 — CVSS 9.8 (critical): Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and…
CVE-2019-8167 — CVSS 9.8 (critical): Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and…