type confusion vulnerabilities and exploits

7.5
CVSSv2
CVE-2019-11707

A type confusion vulnerability has been found in Firefox 67.0.3 and Firefox ESR 60.7.1. The vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. It can allow remote code execution....

MozillaFirefoxFirefox EsrThunderbird
6.8
CVSSv2
CVE-2017-2369

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...

AppleSafariIphone OsTvosWebkitgtkWebkitgtk+
7.5
CVSSv2
CVE-2016-2337

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution....

7.2
CVSSv2
CVE-2015-1143

LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue....

9.3
CVSSv2
CVE-2015-6986

com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attackers to execute arbitrary code via a crafted app that leverages an unspecified "type confusion."...

10
CVSSv2
CVE-2015-4603

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue....

7.5
CVSSv2
CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution....

6.8
CVSSv2
CVE-2017-16745

A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when...

7.2
CVSSv2
CVE-2015-5932

The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing....

AppleMac Os X
6.8
CVSSv2
CVE-2018-16511

An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact....