CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13330 – Foxit Reader JPG File ConvertToPDF Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13330
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... El problema se debe a la falta de comprobación apropiada de los datos suministrados por el usuario, lo que puede resultar en una condición de confusión de tipo. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.foxitsoftware.com/support/security-bulletins.php https://www.zerodayinitiative.com/advisories/ZDI-19-853 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13519 – Rockwell Automation Arena Simulation DOE File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13519
The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.us-cert.gov/ics/advisories/icsa-19-213-05 https://www.zerodayinitiative.com/advisories/ZDI-19-802 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 2CVE-2016-7398
https://notcve.org/view.php?id=CVE-2016-7398
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests. Una vulnerabilidad de confusión de tipo en la función merge_param() del archivo php_http_params.c en la extensión pecl-http de PHP versión 3.1.0beta2 (PHP 7) y anteriores, así como también versión 2.6.0beta2 (PHP 5) y anteriores, permite a atacantes bloquear PHP y posiblemente ejecutar código arbitrario por medio de peticiones HTTP creadas. • https://bugs.php.net/bug.php?id=73055 https://bugs.php.net/bug.php?id=73055&edit=1 https://github.com/m6w6/ext-http/commit/17137d4ab1ce81a2cee0fae842340a344ef3da83 https://lists.debian.org/debian-lts-announce/2019/09/msg00022.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2177
https://notcve.org/view.php?id=CVE-2019-2177
In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. ... En la función isPreferred del archivo HidProfile.java en Android versiones 7.1.1, 7.1.2, 8.0, 8.1 y 9, se presenta una posible confusión del tipo de dispositivo debido a una omisión de permisos. • https://source.android.com/security/bulletin/2019-09-01 • CWE-275: Permission Issues •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11750 – Mozilla: Type confusion in Spidermonkey
https://notcve.org/view.php?id=CVE-2019-11750
A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. ... Se presenta una vulnerabilidad de confusión de tipos en Spidermonkey, lo que resulta en un bloqueo no explotable. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html https://bugzilla.mozilla.org/show_bug.cgi?id=1568397 https://www.mozilla.org/security/advisories/mfsa2019-25 https://www.mozilla.org/security/advisories/mfsa2019-26 https://access.redhat.com/security/cve/CVE-2019-11750 https://bugzilla.redhat.com/show_bug.cgi?id=1748667 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-908: Use of Uninitialized Resource •