CVE-2024-40788

MEDIUM Year: 2024
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-843
View all →

Vulnerability Description

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. A local attacker may be able to cause unexpected system shutdown.

Related Vulnerabilities

CVE-2021-39219

MEDIUM
CVSS:6.3(Medium)

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the `wasmtime` crate clearly marks which func...

CWE-8432021

CVE-2023-1235

MEDIUM
CVSS:6.3(Medium)

Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interactio...

CWE-8432023

CVE-2024-38207

MEDIUM
CVSS:6.3(Medium)

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CWE-8432024

CVE-2021-23443

MEDIUM
CVSS:6.1(Medium)

This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array (instead of a string or a SafeValue), e...

CWE-8432021

CVE-2021-23447

MEDIUM
CVSS:6.1(Medium)

This affects the package teddy before 0.5.9. A type confusion vulnerability can be used to bypass input sanitization when the model content is an array (instead of a string).

CWE-8432021

CVE-2021-23472

MEDIUM
CVSS:6.1(Medium)

This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array...

CWE-8432021