CVSS: 8.8EPSS: 95%CPEs: 16EXPL: 3CVE-2019-0752 – Microsoft Internet Explorer Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2019-0752
By performing actions in script, an attacker can trigger a type confusion condition. • https://www.exploit-db.com/exploits/46928 https://github.com/ZwCreatePhoton/CVE-2019-0752 http://packetstormsecurity.com/files/153078/Microsoft-Internet-Explorer-Windows-10-1809-17763.316-Memory-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0752 https://www.zerodayinitiative.com/advisories/ZDI-19-359 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-7131 – Adobe Acrobat Pro DC PostScript File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-7131
Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. ... Adobe Acrobat and Reader versiones 2019.010.20064 y anteriores, 2019.010.20064 y anteriores, 2017.011.30110 y versiones anteriores, y 2015.006.30461 y anteriores, presentan una vulnerabilidad de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://helpx.adobe.com/security/products/acrobat/apsb19-02.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5791 – chromium-browser: Type confusion in V8
https://notcve.org/view.php?id=CVE-2019-5791
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. La optimización inadecuada en V8 en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto ejecutar una lectura de memoria fuera de límites por medio de una página HTML creada. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html https://crbug.com/926651 https://access.redhat.com/security/cve/CVE-2019-5791 https://bugzilla.redhat.com/show_bug.cgi?id=1688193 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10231
https://notcve.org/view.php?id=CVE-2019-10231
Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. • https://github.com/glpi-project/glpi/pull/5520 https://github.com/glpi-project/glpi/releases/tag/9.4.1.1 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 5%CPEs: 9EXPL: 1CVE-2019-8506 – Apple Multiple Products Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2019-8506
A type confusion issue was addressed with improved memory handling. ... Se solucionó un problema de confusión de tipos mejorando el manejo de la memoria. ... A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution. • https://www.exploit-db.com/exploits/46647 https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209602 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8506 https://bugzilla.redhat.com/show_bug.cgi?id=1719199 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •