Page 37 of 912 results (0.467 seconds)

CVSS: 8.8EPSS: 2%CPEs: 13EXPL: 0

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24885 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flb_pack_msgpack_to_json_format leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27742 https://github.com/fluent/fluent-bit/pull/3115 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.8EPSS: 0%CPEs: 265EXPL: 0

Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. ... When parsing the NAME element, the process does not properly validate user-supplied data, which can result in a type confusion condition. • https://publications.lexmark.com/publications/security-alerts/CVE-2023-26063.pdf https://support.lexmark.com/alerts • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. ... Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. • http://www.openwall.com/lists/oss-security/2023/11/05/1 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f753a68980cf4b59a80fe677619da2b1804f526d https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://security.netapp.com/advisory/ntap-20230505-0004 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. • https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=ffe2a22562444720b05bdfeb999c03e810d84cbb https://access.redhat.com/security/cve/CVE-2023-1075 https://bugzilla.redhat.com/show_bug.cgi?id=2173434 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •