Page 150 of 908 results (0.029 seconds)

CVSS: 8.8EPSS: 1%CPEs: 9EXPL: 0

Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/695826 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5057 https://bugzilla.redhat.com/show_bug.cgi?id=1443835 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 16%CPEs: 9EXPL: 0

Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. Una confusión de tipos en Blink en Google Chrome, en versiones anteriores a la 58.0.3029.81 para Linux, Windows y Mac y a la 58.0.3029.83 para Android, permitía que un atacante remoto pudiese ejecutar código mediante una página HTML manipulada. ... It's possible to trigger a type confusion condition by manipulating a document's elements. • http://www.securityfocus.com/bid/97939 http://www.securitytracker.com/id/1038317 https://access.redhat.com/errata/RHSA-2017:1124 https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html https://crbug.com/684684 https://security.gentoo.org/glsa/201705-02 https://access.redhat.com/security/cve/CVE-2017-5059 https://bugzilla.redhat.com/show_bug.cgi?id=1443837 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. runtime/JSONObject.cpp en JavaScriptCore en WebKit, as distribuido en Safari Technology Preview Release 18, permite a atacantes remotos provocar una denegación de servicio (violación de segmentación y caída de la aplicación) a través de un código JavaScript manipulado que desencadena una "confusión tipo" en la función JSON.stringify. • http://trac.webkit.org/changeset/208123 https://bugs.webkit.org/show_bug.cgi?id=164123 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 8%CPEs: 2EXPL: 1

WebKit suffers from a type confusion vulnerability in constructJSReadableStreamDefaultReader. • https://www.exploit-db.com/exploits/41803 http://www.securityfocus.com/bid/97147 http://www.securitytracker.com/id/1038138 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207600 https://support.apple.com/HT207617 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0

The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/97137 http://www.securitytracker.com/id/1038138 https://support.apple.com/HT207601 https://support.apple.com/HT207602 https://support.apple.com/HT207615 https://support.apple.com/HT207617 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •