CVSS: 7.0EPSS: 0%CPEs: 27EXPL: 0CVE-2023-1077
https://notcve.org/view.php?id=CVE-2023-1077
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. • https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://security.netapp.com/advisory/ntap-20230511-0002 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21056
https://notcve.org/view.php?id=CVE-2023-21056
In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0083 – The ArkUI framework subsystem doesn't check the input parameter,causing type confusion and invalid memory access.
https://notcve.org/view.php?id=CVE-2023-0083
The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash. • https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-02.md • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1235
https://notcve.org/view.php?id=CVE-2023-1235
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1404704 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1215
https://notcve.org/view.php?id=CVE-2023-1215
Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1417176 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •