CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0CVE-2020-13341
https://notcve.org/view.php?id=CVE-2020-13341
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Insufficient permission check allows attacker with developer role to perform various deletions. Se ha detectado un problema en GitLab afectando a todas las versiones anteriores a 13.2.10, 13.3.7 y 13.4.2. Una comprobación insuficiente de permisos permite a un atacante con rol de desarrollador llevar a cabo varias eliminaciones • https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13341.json https://gitlab.com/gitlab-org/gitlab/-/issues/239348 https://hackerone.com/reports/960244 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-15965 – chromium-browser: Out of bounds write in V8
https://notcve.org/view.php?id=CVE-2020-15965
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 85.0.4183.121, permitía a un atacante remoto llevar a cabo potencialmente un acceso a la memoria fuera de límites por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html https://crbug.com/1126249 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZI • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9948 – Apple Safari replace Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9948
A type confusion issue was addressed with improved memory handling. ... Se abordó un problema de confusión de tipo con un manejo de la memoria mejorado.... By performing actions in JavaScript, an attacker can trigger a type confusion condition. • http://seclists.org/fulldisclosure/2020/Nov/18 http://www.openwall.com/lists/oss-security/2020/11/23/3 https://security.gentoo.org/glsa/202012-10 https://support.apple.com/HT211845 https://www.debian.org/security/2020/dsa-4797 https://access.redhat.com/security/cve/CVE-2020-9948 https://bugzilla.redhat.com/show_bug.cgi?id=1901214 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-0336
https://notcve.org/view.php?id=CVE-2020-0336
In SurfaceFlinger, there is possible memory corruption due to type confusion. ... User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153467444 En SurfaceFlinger, se presenta una posible corrupción de la memoria debido a una confusión de tipo. • https://source.android.com/security/bulletin/android-11 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25575
https://notcve.org/view.php?id=CVE-2020-25575
It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. ... Presenta un fallo de confusión de tipo en el refinamiento de tipos. • https://boats.gitlab.io/blog/post/failure-to-fehler https://github.com/rust-lang-nursery/failure/issues/336 https://rustsec.org/advisories/RUSTSEC-2020-0036.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •