CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-28643 – Adobe Acrobat Pro DC embedDocAsDataObject Type Confusion Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-28643
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Type Confusion vulnerability. ... Acrobat Reader DC versiones 2021.005.20054 (y anteriores), 2020.004.30005 (y anteriores), y 2017.011.30197 (y anteriores), están afectadas por una vulnerabilidad Type Confusion. ... When parsing the oDoc object, the process does not properly validate user-supplied data, which can result in a type confusion condition. • https://helpx.adobe.com/security/products/acrobat/apsb21-51.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-22882
https://notcve.org/view.php?id=CVE-2020-22882
Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload. Fixed in commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61. Se ha detectado un problema en la función fxParserTree de moddable, permite a atacantes causar una denegación de servicio por medio de una carga útil diseñada. Corregido en el commit 723816ab9b52f807180c99fc69c7d08cf6c6bd61 • https://github.com/Moddable-OpenSource/moddable/issues/351 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-27038 – Autodesk Design Review PDF File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27038
A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. ... Una vulnerabilidad de confusión de tipo en Autodesk Design Review 2018, 2017, 2013, 2012, 2011 puede ocurrir al procesar un archivo PDF maliciosamente diseñado. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22354
https://notcve.org/view.php?id=CVE-2021-22354
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read. Se presenta una Vulnerabilidad de Divulgación de Información en el Smartphone de Huawei. Una explotación con éxito de esta vulnerabilidad puede causar una lectura fuera de límites • https://consumer.huawei.com/en/support/bulletin/2021/5 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29955
https://notcve.org/view.php?id=CVE-2021-29955
A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. ... Una vulnerabilidad de ejecución transitoria, denominada Floating Point Value Injection (FPVI) permitía a un atacante filtrar direcciones de memoria arbitrarias y también podría haber permitido ataques de confusión de tipo JIT. • https://bugzilla.mozilla.org/show_bug.cgi?id=1692972 https://www.mozilla.org/security/advisories/mfsa2021-10 https://www.mozilla.org/security/advisories/mfsa2021-11 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •