CVSS: 7.6EPSS: 95%CPEs: 19EXPL: 1CVE-2018-8355 – Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion
https://notcve.org/view.php?id=CVE-2018-8355
Microsoft Edge Chakra JIT suffers from a type confusion vulnerability in localeCompare. • https://www.exploit-db.com/exploits/45432 http://www.securityfocus.com/bid/104978 http://www.securitytracker.com/id/1041457 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 92%CPEs: 1EXPL: 1CVE-2018-8384 – Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion
https://notcve.org/view.php?id=CVE-2018-8384
Microsoft Edge Chakra suffers from a type confusion vulnerability with PathTypeHandlerBase::SetAttributesHelper. • https://www.exploit-db.com/exploits/45431 http://www.securityfocus.com/bid/104981 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-8406 – Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8406
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/105012 http://www.securitytracker.com/id/1041461 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-8405 – Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8405
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/105011 http://www.securitytracker.com/id/1041461 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2018-14317 – Foxit Reader PDF File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-14317
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... El problema deriva de la falta de validación correcta de información proporcionada por el usuario, lo que puede dar como resultado una condición de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.foxitsoftware.com/support/security-bulletins.php https://zerodayinitiative.com/advisories/ZDI-18-939 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •