CVE-2023-6702
https://notcve.org/view.php?id=CVE-2023-6702
Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La confusión de tipos en V8 en Google Chrome anterior a 120.0.6099.109 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. • https://github.com/kaist-hacking/CVE-2023-6702 https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html https://crbug.com/1501326 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6NWZ23ZJ62XKWVNGHSIZQYILVJWH5BLI https://security.gentoo.org/glsa/202401-34 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-48694 – Azure RTOS USBX Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-48694
An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. ... Un atacante puede provocar la ejecución remota de código debido a vulnerabilidades de desreferencia de puntero caducado y confusión de tipos en Azure RTOS USBX. • https://github.com/azure-rtos/usbx/security/advisories/GHSA-qjw8-7w86-44qj • CWE-825: Expired Pointer Dereference CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-32849
https://notcve.org/view.php?id=CVE-2023-32849
In cmdq, there is a possible out of bounds write due to type confusion. ... En cmdq, existe una posible escritura fuera de los límites debido a una confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-32848
https://notcve.org/view.php?id=CVE-2023-32848
In vdec, there is a possible out of bounds write due to type confusion. ... En vdec, existe una posible escritura fuera de los límites debido a confusión de tipos. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVE-2023-6348 – Chrome BindTextSuggestionHostForFrame Type Confusion
https://notcve.org/view.php?id=CVE-2023-6348
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Type Confusion en Spellcheck en Google Chrome anterior a 119.0.6045.199 permitía a un atacante remoto que había comprometido el proceso de renderizado explotar potencialmente la corrupción del heap a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Chrome suffers from a type confusion vulnerability in BindTextSuggestionHostForFrame. • http://packetstormsecurity.com/files/176368/Chrome-BindTextSuggestionHostForFrame-Type-Confusion.html https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html https://crbug.com/1491459 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7XQNYZZA3X2LBJF57ZHKXWOMJKNLZYR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJROPNKWW65R34J4IYGTJ7A3OBPUL4IQ https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security& • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •