CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21947 – ksmbd: fix type confusion via race condition when using ipc_msg_send_request
https://notcve.org/view.php?id=CVE-2025-21947
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. req->handle from ksmbd_ipc_login_req... • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24213
https://notcve.org/view.php?id=CVE-2025-24213
31 Mar 2025 — A type confusion issue could lead to memory corruption. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24196
https://notcve.org/view.php?id=CVE-2025-24196
31 Mar 2025 — A type confusion issue was addressed with improved memory handling. • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24247
https://notcve.org/view.php?id=CVE-2025-24247
31 Mar 2025 — A type confusion issue was addressed with improved checks. • https://support.apple.com/en-us/122373 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53024 – bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation
https://notcve.org/view.php?id=CVE-2023-53024
27 Mar 2025 — In this case, the second write may be subject to speculative store bypass (SSB) creating a speculative pointer-as-scalar type confusion. In this case, the second write may be subject to speculative store bypass (SSB) creating a speculative pointer-as-scalar type confusion. ... Scalar-confusion due to speculative store bypass can not lead to invalid accesses because the pointer bounds deducted during verification are enforced using branchless logic. Scalar-confusion ... • https://git.kernel.org/stable/c/872968502114d68c21419cf7eb5ab97717e7b803 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29806 – Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29806
23 Mar 2025 — No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29806 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2135 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2135
10 Mar 2025 — Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1920 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-1920
10 Mar 2025 — Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2015 – Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-2015
10 Mar 2025 — Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.zerodayinitiative.com/advisories/ZDI-25-116 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2016 – Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-2016
10 Mar 2025 — Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://www.zerodayinitiative.com/advisories/ZDI-25-117 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •