Page 40 of 906 results (0.350 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-0473

https://notcve.org/view.php?id=CVE-2023-0473

Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Type Confusion en la API ServiceWorker en Google Chrome anterior a 109.0.5414.119 permitía a un atacante remoto explotar potencialmente la corrupción del heap a través de una página HTML manipulada. • https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html https://crbug.com/1404639 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-20461

https://notcve.org/view.php?id=CVE-2022-20461

In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. • https://source.android.com/security/bulletin/2023-01-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-23455 – Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion

https://notcve.org/view.php?id=CVE-2023-23455

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). ... This issue may allow a local attacker to cause a denial of service due to type confusion. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://www.debian.org/security/2023/dsa-5324 https://www.openwall.com/lists/oss-security/2023/01/10/1 https://www.openwall.com/lists/oss-security/2023/01/10/4 https://access.redhat.com/security/cve/CVE-2023-23455 https:/ • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-23454 – kernel: slab-out-of-bounds read vulnerabilities in cbq_classify

https://notcve.org/view.php?id=CVE-2023-23454

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). ... This issue may allow a local attacker to cause a denial of service due to type confusion. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://www.debian.org/security/2023/dsa-5324 https://www.openwall.com/lists/oss-security/2023/01/10/1 https://www.openwall.com/lists/oss-security/2023/01/10/4 https://access.redhat.com/security/cve/CVE-2023-23454 https:/ • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0

CVE-2023-21675 – Windows Kernel Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2023-21675

Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows Microsoft Windows suffers from a kernel memory corruption due to an insufficient handling of predefined keys in registry virtualization. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21675 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •