Page 153 of 909 results (0.273 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2017-2354 – Apple Safari SearchInputType Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-2354

The issue results from the lack of proper validation of user-supplied data which can result in a type confusion condition. • http://www.securityfocus.com/bid/95736 http://www.securitytracker.com/id/1037668 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207481 https://support.apple.com/HT207482 https://support.apple.com/HT207484 https://support.apple.com/HT207485 https://support.apple.com/HT207486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.6EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-3272 – Oracle Java AtomicReferenceFieldUpdater Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-3272

Due to insufficient type checking involving this class, it is possible for untrusted code to gain access to privileged methods and properties. • http://rhn.redhat.com/errata/RHSA-2017-0175.html http://rhn.redhat.com/errata/RHSA-2017-0176.html http://rhn.redhat.com/errata/RHSA-2017-0177.html http://rhn.redhat.com/errata/RHSA-2017-0180.html http://rhn.redhat.com/errata/RHSA-2017-0263.html http://rhn.redhat.com/errata/RHSA-2017-0269.html http://rhn.redhat.com/errata/RHSA-2017-0336.html http://rhn.redhat.com/errata/RHSA-2017-0337.html http://rhn.redhat.com/errata/RHSA-2017-0338.html http://www •

CVSS: 9.3EPSS: 30%CPEs: 8EXPL: 0

CVE-2017-2962 – Adobe Reader DC XSLT lang Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-2962

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. ... Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de confusión de tipo explotable en el motor XSLT relacionado con la funcionalidad de localización. ... The issue results from the lack of proper validation of user-supplied data which can result in a type confusion condition. • http://www.securityfocus.com/bid/95340 http://www.securitytracker.com/id/1037574 http://www.zerodayinitiative.com/advisories/ZDI-17-026 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1

CVE-2016-2336

https://notcve.org/view.php?id=CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution. Existe un tipo de confusión en dos métodos de la clase WIN32OLE de Ruby, ole_invoke y ole_query_interface. • http://www.talosintelligence.com/reports/TALOS-2016-0029 •

CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1

CVE-2016-2337

https://notcve.org/view.php?id=CVE-2016-2337

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution. Existe un tipo de confusión en el método de clase _cancel_eval Ruby's TclTkIp. • http://www.securityfocus.com/bid/91233 http://www.talosintelligence.com/reports/TALOS-2016-0031 https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html https://security.gentoo.org/glsa/201710-18 •