CWE-704
Allowed-with-ReviewIncorrect Type Conversion or Cast
Abstraction: Class · Status: Incomplete
The product does not correctly convert an object, resource, or structure from one type to a different type.
334 vulnerabilities reference this CWE, most recent first.
GHSA-V38R-CMM6-V8C3
Vulnerability from github – Published: 2024-11-19 21:31 – Updated: 2024-11-20 18:32In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2018-9339"
],
"database_specific": {
"cwe_ids": [
"CWE-704",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-19T19:15:05Z",
"severity": "HIGH"
},
"details": "In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-v38r-cmm6-v8c3",
"modified": "2024-11-20T18:32:16Z",
"published": "2024-11-19T21:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9339"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2018-06-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V4WQ-4595-GR53
Vulnerability from github – Published: 2024-06-06 21:30 – Updated: 2024-10-15 21:30OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.
{
"affected": [],
"aliases": [
"CVE-2024-36735"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-06T19:15:58Z",
"severity": "MODERATE"
},
"details": "OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.",
"id": "GHSA-v4wq-4595-gr53",
"modified": "2024-10-15T21:30:34Z",
"published": "2024-06-06T21:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36735"
},
{
"type": "WEB",
"url": "https://gist.github.com/Redmept1on/4998e9b6435448cea07a8b2dbf96eedc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V69G-856V-C9CC
Vulnerability from github – Published: 2022-11-14 12:00 – Updated: 2025-11-03 21:30A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. Upgrading to version 1.9.34 is able to address this issue. The name of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-3979"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-13T23:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. Upgrading to version 1.9.34 is able to address this issue. The name of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.",
"id": "GHSA-v69g-856v-c9cc",
"modified": "2025-11-03T21:30:44Z",
"published": "2022-11-14T12:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3979"
},
{
"type": "WEB",
"url": "https://github.com/NagVis/nagvis/commit/7574fd8a2903282c2e0d1feef5c4876763db21d5"
},
{
"type": "WEB",
"url": "https://github.com/NagVis/nagvis/releases/tag/nagvis-1.9.34"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00000.html"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.213557"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.213557"
},
{
"type": "WEB",
"url": "https://www.sonarsource.com/blog/checkmk-rce-chain-2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V6GC-7F3W-XC38
Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsFDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6010.
{
"affected": [],
"aliases": [
"CVE-2018-14247"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-31T20:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsFDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6010.",
"id": "GHSA-v6gc-7f3w-xc38",
"modified": "2022-05-13T01:34:41Z",
"published": "2022-05-13T01:34:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14247"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-707"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V79H-64CF-GW4X
Vulnerability from github – Published: 2023-07-04 06:30 – Updated: 2024-04-04 05:22Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.
{
"affected": [],
"aliases": [
"CVE-2023-21638"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-04T05:15:10Z",
"severity": "HIGH"
},
"details": "Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.",
"id": "GHSA-v79h-64cf-gw4x",
"modified": "2024-04-04T05:22:25Z",
"published": "2023-07-04T06:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21638"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VCP2-75R9-Q84Q
Vulnerability from github – Published: 2022-05-14 01:40 – Updated: 2022-05-14 01:40In iOS before 11.2, a type confusion issue was addressed with improved memory handling.
{
"affected": [],
"aliases": [
"CVE-2017-13888"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-11T18:29:00Z",
"severity": "HIGH"
},
"details": "In iOS before 11.2, a type confusion issue was addressed with improved memory handling.",
"id": "GHSA-vcp2-75r9-q84q",
"modified": "2022-05-14T01:40:17Z",
"published": "2022-05-14T01:40:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13888"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208334"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VGC3-2W4V-5M3J
Vulnerability from github – Published: 2022-05-14 01:13 – Updated: 2022-05-14 01:13A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
{
"affected": [],
"aliases": [
"CVE-2018-4284"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-03T18:29:00Z",
"severity": "HIGH"
},
"details": "A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.",
"id": "GHSA-vgc3-2w4v-5m3j",
"modified": "2022-05-14T01:13:07Z",
"published": "2022-05-14T01:13:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4284"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208932"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208933"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208934"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208935"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208936"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT208938"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VGGM-JRF9-WH4R
Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
{
"affected": [],
"aliases": [
"CVE-2011-3036"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-03-05T19:55:00Z",
"severity": "MODERATE"
},
"details": "Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.",
"id": "GHSA-vggm-jrf9-wh4r",
"modified": "2022-05-13T01:27:16Z",
"published": "2022-05-13T01:27:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3036"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73647"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15072"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=113258"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/79795"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48265"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48419"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48527"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201203-19.xml"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5400"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5485"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5503"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/52271"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1026759"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-VGJQ-G92J-GVVR
Vulnerability from github – Published: 2022-09-03 00:00 – Updated: 2022-09-08 00:00Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto
{
"affected": [],
"aliases": [
"CVE-2022-22102"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-02T12:15:00Z",
"severity": "HIGH"
},
"details": "Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto",
"id": "GHSA-vgjq-g92j-gvvr",
"modified": "2022-09-08T00:00:28Z",
"published": "2022-09-03T00:00:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22102"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VH45-GFXF-VR42
Vulnerability from github – Published: 2026-02-24 09:31 – Updated: 2026-02-24 09:31An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.
This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
{
"affected": [],
"aliases": [
"CVE-2025-40541"
],
"database_specific": {
"cwe_ids": [
"CWE-639",
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-24T08:16:28Z",
"severity": "CRITICAL"
},
"details": "An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.",
"id": "GHSA-vh45-gfxf-vr42",
"modified": "2026-02-24T09:31:21Z",
"published": "2026-02-24T09:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40541"
},
{
"type": "WEB",
"url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
},
{
"type": "WEB",
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40541"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.