CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3652
https://notcve.org/view.php?id=CVE-2022-3652
Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La confusión de tipos en V8 en Google Chrome anterior a 107.0.5304.62 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. • https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html https://crbug.com/1369871 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3676
https://notcve.org/view.php?id=CVE-2022-3676
In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type. • https://github.com/eclipse-openj9/openj9/pull/16122 https://github.com/eclipse/omr/pull/6773 https://gitlab.eclipse.org/eclipsefdn/emo-team/emo/-/issues/389 • CWE-20: Improper Input Validation CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-41033 – Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-41033
Windows COM+ Event System Service Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en system service de eventos COM+ de Windows Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41033 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-38037 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38037
Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039 The Windows Kernel suffers from a memory corruption vulnerability due to type confusion of subkey index leaves in registry hives. • http://packetstormsecurity.com/files/169791/Windows-Kernel-Type-Confusion-Memory-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38037 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3315
https://notcve.org/view.php?id=CVE-2022-3315
Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) La confusión de tipos en Blink en Google Chrome anterior a la versión 106.0.5249.62 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. • https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html https://crbug.com/1322812 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •