CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 0CVE-2023-42464
https://notcve.org/view.php?id=CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. ... Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. ... Se encontró una vulnerabilidad de Confusión de Tipos en las funciones Spotlight RPC en afpd en Netatalk 3.1.x anterior a 3.1.17. • https://github.com/Netatalk/netatalk/issues/486 https://lists.debian.org/debian-lts-announce/2023/09/msg00031.html https://netatalk.io/security/CVE-2023-42464 https://netatalk.sourceforge.io https://netatalk.sourceforge.io/3.1/htmldocs/afpd.8.html https://netatalk.sourceforge.io/CVE-2023-42464.php https://www.debian.org/security/2023/dsa-5503 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-38074 – Siemens Tecnomatix Plant Simulation WRL File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38074
The affected application contains a type confusion vulnerability while parsing WRL files. ... La aplicación afectada contiene una vulnerabilidad de Confusión de Tipos al analizar archivos WRL. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-38073 – Siemens Tecnomatix Plant Simulation WRL File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38073
The affected application contains a type confusion vulnerability while parsing WRL files. ... La aplicación afectada contiene una vulnerabilidad de Confusión de Tipos al analizar archivos WRL. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-478780.pdf • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-42074 – PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-42074
PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... PDF-XChange Editor addScript Vulnerabilidad de ejecución remota de código por confusión de tipos. ... El problema se debe a la falta de una validación adecuada de los datos proporcionados por el usuario, lo que puede dar lugar a una condición de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.tracker-software.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-23-1376 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 66%CPEs: 7EXPL: 2CVE-2023-4762 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2023-4762
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 116.0.5845.179 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. • https://github.com/buptsb/CVE-2023-4762 https://github.com/sherlocksecurity/CVE-2023-4762-Code-Review https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1473247 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fed • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •