CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19391
https://notcve.org/view.php?id=CVE-2019-19391
In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and > options are mishandled. ... However, not all users of later LuaJIT derivatives share this perspective ** EN DISPUTA ** En LuaJIT hasta la versión 2.0.5, como se usaba en Moonjit antes de 2.1.2 y otros productos, debug.getinfo tiene un problema de confusión de tipos que conduce a operaciones arbitrarias de escritura o lectura de memoria, porque ciertos casos involucran niveles de pila válidos y > las opciones se manejan mal. • https://github.com/LuaJIT/LuaJIT/pull/526 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15792 – Type confusion in shiftfs
https://notcve.org/view.php?id=CVE-2019-15792
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a filesystem-dependent type, to a "struct shiftfs_file_info *". • https://www.exploit-db.com/exploits/47693 https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=5df147c8140efc71ac0879ae3b0057f577226d4c https://usn.ubuntu.com/usn/usn-4183-1 https://usn.ubuntu.com/usn/usn-4184-1 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-15793 – Mishandling of file-system uid/gid with namespaces in shiftfs
https://notcve.org/view.php?id=CVE-2019-15793
Ubuntu suffers from refcount underflow and type confusion vulnerabilities in shiftfs. • https://www.exploit-db.com/exploits/47693 https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=3644b9d5688da86f18e017c9c580b75cf52927bb https://usn.ubuntu.com/usn/usn-4183-1 https://usn.ubuntu.com/usn/usn-4184-1 • CWE-276: Incorrect Default Permissions CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 8.8EPSS: 71%CPEs: 8EXPL: 1CVE-2019-8820 – JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
https://notcve.org/view.php?id=CVE-2019-8820
JSC suffers from a type confusion vulnerability during bailout when reconstructing arguments objects. • https://www.exploit-db.com/exploits/47590 https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210721 https://support.apple.com/HT210723 https://support.apple.com/HT210724 https://support.apple.com/HT210725 https://support.apple.com/HT210726 https://support.apple.com/HT210727 https://support.apple.com/HT210728 https://access.redhat.com/security/cve/CVE-2019-8820 https://bugzilla.redhat.com/show_bug.cgi?id=1876591 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 0CVE-2019-8822 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8822
WebKit suffers from an integer overflow in NodeRareData::m_connectedFrameCount that can lead to universal cross site scripting and type confusion. • https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210721 https://support.apple.com/HT210723 https://support.apple.com/HT210725 https://support.apple.com/HT210726 https://support.apple.com/HT210727 https://support.apple.com/HT210728 https://access.redhat.com/security/cve/CVE-2019-8822 https://bugzilla.redhat.com/show_bug.cgi?id=1876593 • CWE-787: Out-of-bounds Write •