CVE-2023-34967 – Samba: type confusion in mdssvc rpc service for spotlight
https://notcve.org/view.php?id=CVE-2023-34967
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. ... Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. • https://access.redhat.com/errata/RHSA-2023:6667 https://access.redhat.com/errata/RHSA-2023:7139 https://access.redhat.com/errata/RHSA-2024:0423 https://access.redhat.com/errata/RHSA-2024:0580 https://access.redhat.com/security/cve/CVE-2023-34967 https://bugzilla.redhat.com/show_bug.cgi?id=2222794 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject. • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-34966 – Samba: infinite loop in mdssvc rpc service for spotlight
https://notcve.org/view.php?id=CVE-2023-34966
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://access.redhat.com/errata/RHSA-2023:6667 https://access.redhat.com/errata/RHSA-2023:7139 https://access.redhat.com/errata/RHSA-2024:0423 https://access.redhat.com/errata/RHSA-2024:0580 https://access.redhat.com/errata/RHSA-2024:4101 https://access.redhat.com/security/cve/CVE-2023-34966 https://bugzilla.redhat.com/show_bug.cgi?id=2222793 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC https://lists.fedoraproje • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2023-32664
https://notcve.org/view.php?id=CVE-2023-32664
A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. ... Existe una vulnerabilidad de confusión de tipos en el método checkThisBox de Javascript implementado en Foxit Reader 12.1.2.15332. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1795 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-36887 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36887
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36887 https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1747 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2023-25948 – Server Data type confusion - info leak
https://notcve.org/view.php?id=CVE-2023-25948
Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning. • https://process.honeywell.com • CWE-209: Generation of Error Message Containing Sensitive Information CWE-394: Unexpected Status Code or Return Value •