CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2020-16103
https://notcve.org/view.php?id=CVE-2020-16103
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. ... Una confusión de tipos en Gallagher Command Center Server, permite a un atacante remoto bloquear el servidor o posiblemente causar una ejecución de código remota. • https://security.gallagher.com/Security-Advisories/CVE-2020-16103 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16015
https://notcve.org/view.php?id=CVE-2020-16015
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una comprobación insuficiente de datos en WASM en Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante remoto explotar potencialmente una corrupción de la memoria por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html https://crbug.com/1146673 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2020-17048 – Chakra Scripting Engine Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-17048
By performing actions in JavaScript, an attacker can trigger a type confusion condition. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17048 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2020-27932 – Apple Multiple Products Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2020-27932
A type confusion issue was addressed with improved state handling. ... Se abordó un problema de confusión de tipos con un manejo de estado mejorado....  Una aplicación maliciosa puede ser capaz de ejecutar código arbitrario con privilegios kernel The XNU kernel suffers from a type confusion vulnerability in turnstiles. Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges. • http://packetstormsecurity.com/files/161295/XNU-Kernel-Turnstiles-Type-Confusion.html http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211928 https://support.apple.com/en-us/HT211929 https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT211940 https://support.apple.com/en-us/HT211944 https://support.apple.com/en-us/HT211945 https://support.apple.com/en-us/HT211946 https://support.apple.com/en-us/HT211947 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25661 – kernel: Red Hat only CVE-2020-12351 regression
https://notcve.org/view.php?id=CVE-2020-25661
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un problema de regresión CVE-2020-12351 solo de Red Hat en la manera en que la implementación de Bluetooth del kernel de Linux manejaba los paquetes L2CAP con A2MP CID. Este fallo permite a un atacante remoto en un rango adyacente bloquear el sistema, causando una denegación de servicio o ejecutando potencialmente código arbitrario en el sistema mediante el envío de un paquete L2CAP especialmente diseñado. • https://access.redhat.com/security/cve/CVE-2020-12351 https://access.redhat.com/security/vulnerabilities/BleedingTooth https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25661 https://access.redhat.com/security/cve/CVE-2020-25661 https://bugzilla.redhat.com/show_bug.cgi?id=1891483 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •