CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 1CVE-2019-6214 – macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem
https://notcve.org/view.php?id=CVE-2019-6214
A type confusion issue was addressed with improved memory handling. ... Se abordó un problema de confusión de tipos con la mejora de la gestión de memoria. ... Una aplicación maliciosa podría ser capaz de escapar del sandbox. iOS and MacOS suffers from sandbox escape vulnerabilities due to type confusions and memory safety issues in iohideventsystem. • https://www.exploit-db.com/exploits/46298 http://www.securityfocus.com/bid/106739 https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-6217 – Apple Safari RegExp JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6217
By performing actions in JavaScript, an attacker can trigger a type confusion condition. • http://www.securityfocus.com/bid/106699 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-6216 – Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6216
By performing actions in JavaScript, an attacker can trigger a type confusion condition. • http://www.securityfocus.com/bid/106699 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19019 – OMRON CX-Supervisor SCS File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-19019
A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). ... Existe una vulnerabilidad de confusión de tipo cuando se procesan archivos de proyecto en CX-Supervisor, en sus versiones 3.42 y anteriores. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/106654 https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13888
https://notcve.org/view.php?id=CVE-2017-13888
In iOS before 11.2, a type confusion issue was addressed with improved memory handling. En iOS en versiones anteriores a la 11.2, se abordó un problema de confusión de tipos con la mejora de la gestión de memoria. • https://support.apple.com/HT208334 • CWE-704: Incorrect Type Conversion or Cast •