CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1000005
https://notcve.org/view.php?id=CVE-2016-1000005
mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. ... La función mcrypt_get_block_size no aplicaba que el parámetro "module" provisto era una cadena, conllevando a una confusión de tipo si otros tipos de datos fueron pasados. • https://github.com/facebook/hhvm/commit/39e7e177473350b3a5c34e8824af3b98e25efa89 https://www.facebook.com/security/advisories/cve-2016-1000005 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 2%CPEs: 17EXPL: 0CVE-2020-3757 – flash-plugin: Arbitrary Code Execution vulnerability (APSB20-06)
https://notcve.org/view.php?id=CVE-2020-3757
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. ... Adobe Flash Player versiones 32.0.0.321 y anteriores, 32.0.0.314 y anteriores, 32.0.0.321 y anteriores, y 32.0.0.255 y anteriores, presenta una vulnerabilidad de confusión de tipos. • https://access.redhat.com/errata/RHSA-2020:0513 https://helpx.adobe.com/security/products/flash-player/apsb20-06.html https://security.gentoo.org/glsa/202003-61 https://access.redhat.com/security/cve/CVE-2020-3757 https://bugzilla.redhat.com/show_bug.cgi?id=1801792 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-3738 – Adobe FrameMaker TIF File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3738
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://helpx.adobe.com/security/products/framemaker/apsb20-04.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2020-6382 – chromium-browser: Type Confusion in JavaScript
https://notcve.org/view.php?id=CVE-2020-6382
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en JavaScript en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1031909 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-3853 – macOS/iOS XNU mk_timer_create_trap() Race Condition
https://notcve.org/view.php?id=CVE-2020-3853
A type confusion issue was addressed with improved memory handling. ... Se abordó un problema de confusión de tipos con un manejo de memoria mejorado. ... Una aplicación maliciosa puede ser capaz de ejecutar código arbitrario con privilegios system. macOS and iOS suffer from a race condition in XNU's mk_timer_create_trap() that can lead to type confusion. • https://support.apple.com/HT210918 https://support.apple.com/HT210919 https://support.apple.com/HT210920 https://support.apple.com/HT210921 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •