Page 29 of 906 results (0.011 seconds)

CVSS: 5.9EPSS: 29%CPEs: 9EXPL: 0

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. ... Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. • https://access.redhat.com/errata/RHSA-2023:6667 https://access.redhat.com/errata/RHSA-2023:7139 https://access.redhat.com/errata/RHSA-2024:0423 https://access.redhat.com/errata/RHSA-2024:0580 https://access.redhat.com/security/cve/CVE-2023-34967 https://bugzilla.redhat.com/show_bug.cgi?id=2222794 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject. • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 12%CPEs: 9EXPL: 0

The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://access.redhat.com/errata/RHSA-2023:6667 https://access.redhat.com/errata/RHSA-2023:7139 https://access.redhat.com/errata/RHSA-2024:0423 https://access.redhat.com/errata/RHSA-2024:0580 https://access.redhat.com/errata/RHSA-2024:4101 https://access.redhat.com/security/cve/CVE-2023-34966 https://bugzilla.redhat.com/show_bug.cgi?id=2222793 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC https://lists.fedoraproje • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. ... Existe una vulnerabilidad de confusión de tipos en el método checkThisBox de Javascript implementado en Foxit Reader 12.1.2.15332. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1795 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36887 https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1747 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning. • https://process.honeywell.com • CWE-209: Generation of Error Message Containing Sensitive Information CWE-394: Unexpected Status Code or Return Value •