CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-32948 – PeerTube ActivityPub Playlist Creation Blind SSRF and DoS
https://notcve.org/view.php?id=CVE-2025-32948
15 Apr 2025 — The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases send requests to arbitrary URLs (Blind SSRF). Attackers can send ActivityPub activities to PeerTube's "inbox" endpoint. By abusing the "Create Activity" functionality, it is possible to create crafted playlists which will cause either denial of service or an attacker-controlled blind SSRF. The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases send ... • https://github.com/Chocobozzz/PeerTube/releases/tag/v7.1.1 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2025-29791 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29791
08 Apr 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29791 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32352
https://notcve.org/view.php?id=CVE-2025-32352
05 Apr 2025 — A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. • https://projectblack.io/blog/zendto-nday-vulnerabilities • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25000 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-25000
03 Apr 2025 — Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. El acceso a un recurso mediante un tipo incompatible ('confusión de tipos') en Microsoft Edge (basado en Chromium) permite que un atacante no autorizado ejecute código a través de una red. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25000 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21947 – ksmbd: fix type confusion via race condition when using ipc_msg_send_request
https://notcve.org/view.php?id=CVE-2025-21947
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. req->handle from ksmbd_ipc_login_req... • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-30427 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-30427
31 Mar 2025 — The Google V8 Security Team discovered that a type confusion issue could lead to memory corruption. • https://support.apple.com/en-us/122371 • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 27EXPL: 0CVE-2025-24213 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24213
31 Mar 2025 — A type confusion issue could lead to memory corruption. ... A type confusion issue could lead to memory corruption. ajajfxhj discovered that processing web content may lead to a denial-of-service. ... The Google V8 Security Team discovered that a type confusion issue could lead to memory corruption. • https://support.apple.com/en-us/122371 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24209 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2025-24209
31 Mar 2025 — The Google V8 Security Team discovered that a type confusion issue could lead to memory corruption. • https://support.apple.com/en-us/122371 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24264 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-24264
31 Mar 2025 — The Google V8 Security Team discovered that a type confusion issue could lead to memory corruption. • https://support.apple.com/en-us/122371 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24208 – webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
https://notcve.org/view.php?id=CVE-2025-24208
31 Mar 2025 — The Google V8 Security Team discovered that a type confusion issue could lead to memory corruption. • https://support.apple.com/en-us/122371 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •