CVSS: 8.1EPSS: 9%CPEs: 1EXPL: 1CVE-2016-8331
https://notcve.org/view.php?id=CVE-2016-8331
A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. ... Un documento TIFF manipulado puede llevar a un tipo de vulnerabilidad de confusión resultando en ejecución remota de código. • http://www.securityfocus.com/bid/93898 http://www.talosintelligence.com/reports/TALOS-2016-0190 https://security.gentoo.org/glsa/201701-16 •
CVSS: 9.6EPSS: 0%CPEs: 8EXPL: 0CVE-2016-5582 – OpenJDK: incomplete type checks of System.arraycopy arguments (Hotspot, 8160591)
https://notcve.org/view.php?id=CVE-2016-5582
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573. Vulnerabilidad no especificada en Oracle Java SE 6u121, 7u111, 8u102 y Java SE Embedded 8u101 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Hotspot, una vulnerabilidad diferente a CVE-2016-5573. It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. • http://rhn.redhat.com/errata/RHSA-2016-2079.html http://rhn.redhat.com/errata/RHSA-2016-2088.html http://rhn.redhat.com/errata/RHSA-2016-2089.html http://rhn.redhat.com/errata/RHSA-2016-2090.html http://rhn.redhat.com/errata/RHSA-2016-2658.html http://rhn.redhat.com/errata/RHSA-2017-0061.html http://www.debian.org/security/2016/dsa-3707 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93623 http://www • CWE-284: Improper Access Control CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 1%CPEs: 15EXPL: 0CVE-2016-6992 – flash-plugin: multiple code execution issues fixed in APSB16-32
https://notcve.org/view.php?id=CVE-2016-6992
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion." Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar código arbitrario aprovechando una "confusión de tipo" no especificada. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93488 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-6992 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 57%CPEs: 4EXPL: 0CVE-2016-3382 – Microsoft Edge JavaScript eval Function Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3382
By performing actions in script an attacker can trigger a type confusion condition. • http://www.securityfocus.com/bid/93386 http://www.securitytracker.com/id/1036992 http://www.securitytracker.com/id/1036993 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-119 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 19%CPEs: 2EXPL: 0CVE-2016-3383 – Microsoft Internet Explorer Table Layout Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3383
By manipulating a document's elements an attacker can trigger a type confusion condition. • http://www.securityfocus.com/bid/93396 http://www.securitytracker.com/id/1036992 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •