CWE-704
Allowed-with-ReviewIncorrect Type Conversion or Cast
Abstraction: Class · Status: Incomplete
The product does not correctly convert an object, resource, or structure from one type to a different type.
334 vulnerabilities reference this CWE, most recent first.
GHSA-W87R-3VGP-MX7Q
Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 3 of 3.
{
"affected": [],
"aliases": [
"CVE-2021-25177"
],
"database_specific": {
"cwe_ids": [
"CWE-704",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-18T08:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 3 of 3.",
"id": "GHSA-w87r-3vgp-mx7q",
"modified": "2022-05-24T17:39:25Z",
"published": "2022-05-24T17:39:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25177"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf"
},
{
"type": "WEB",
"url": "https://www.opendesign.com/security-advisories"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-219"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WC7C-X4P4-9R3J
Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getDataObject method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6014.
{
"affected": [],
"aliases": [
"CVE-2018-14251"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-31T20:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getDataObject method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6014.",
"id": "GHSA-wc7c-x4p4-9r3j",
"modified": "2022-05-13T01:34:40Z",
"published": "2022-05-13T01:34:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14251"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-711"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WG5J-5HMX-G6C3
Vulnerability from github – Published: 2022-05-14 01:35 – Updated: 2022-05-14 01:35A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file
{
"affected": [],
"aliases": [
"CVE-2018-7813"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-02-06T23:29:00Z",
"severity": "HIGH"
},
"details": "A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file",
"id": "GHSA-wg5j-5hmx-g6c3",
"modified": "2022-05-14T01:35:48Z",
"published": "2022-05-14T01:35:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7813"
},
{
"type": "WEB",
"url": "https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106218"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WGX2-6432-J3FW
Vulnerability from github – Published: 2021-08-25 20:48 – Updated: 2021-08-19 21:07An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "bigint"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.4.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-35880"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-19T21:07:53Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation.",
"id": "GHSA-wgx2-6432-j3fw",
"modified": "2021-08-19T21:07:53Z",
"published": "2021-08-25T20:48:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35880"
},
{
"type": "WEB",
"url": "https://github.com/rustsec/advisory-db/pull/290"
},
{
"type": "WEB",
"url": "https://github.com/paritytech/bigint/commit/7e71521a61b009afc94c91135353102658550d42"
},
{
"type": "PACKAGE",
"url": "https://github.com/paritytech/bigint"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2020-0025.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Unsoundness in bigint"
}
GHSA-WHH8-CHVW-6J23
Vulnerability from github – Published: 2022-05-17 02:22 – Updated: 2022-05-17 02:22WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710.
{
"affected": [],
"aliases": [
"CVE-2016-4709"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-09-25T10:59:00Z",
"severity": "HIGH"
},
"details": "WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage \"type confusion,\" a different vulnerability than CVE-2016-4710.",
"id": "GHSA-whh8-chvw-6j23",
"modified": "2022-05-17T02:22:15Z",
"published": "2022-05-17T02:22:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4709"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207170"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/93055"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1036858"
},
{
"type": "WEB",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-609"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WHWC-X4M2-68JW
Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.
{
"affected": [],
"aliases": [
"CVE-2010-1822"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2010-10-04T21:00:00Z",
"severity": "HIGH"
},
"details": "WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.",
"id": "GHSA-whwc-x4m2-68jw",
"modified": "2022-05-13T01:24:42Z",
"published": "2022-05-13T01:24:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1822"
},
{
"type": "WEB",
"url": "https://bugs.webkit.org/show_bug.cgi?id=45562"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6691"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=55114"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42314"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43068"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT4455"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT4456"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0212"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WJVH-G4JC-JG48
Vulnerability from github – Published: 2022-05-14 03:07 – Updated: 2022-05-14 03:07Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.
{
"affected": [],
"aliases": [
"CVE-2018-12453"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-16T17:29:00Z",
"severity": "HIGH"
},
"details": "Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.",
"id": "GHSA-wjvh-g4jc-jg48",
"modified": "2022-05-14T03:07:09Z",
"published": "2022-05-14T03:07:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12453"
},
{
"type": "WEB",
"url": "https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6"
},
{
"type": "WEB",
"url": "https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44908"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WW69-C6P5-R54M
Vulnerability from github – Published: 2024-03-19 12:30 – Updated: 2024-10-30 18:30Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.
{
"affected": [],
"aliases": [
"CVE-2024-2606"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-19T12:15:08Z",
"severity": "LOW"
},
"details": "Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox \u003c 124.",
"id": "GHSA-ww69-c6p5-r54m",
"modified": "2024-10-30T18:30:44Z",
"published": "2024-03-19T12:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2606"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1879237"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WX52-52WX-WMGM
Vulnerability from github – Published: 2022-05-14 01:20 – Updated: 2022-05-14 01:20Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2017-11257"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-11T19:29:00Z",
"severity": "HIGH"
},
"details": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.",
"id": "GHSA-wx52-52wx-wmgm",
"modified": "2022-05-14T01:20:49Z",
"published": "2022-05-14T01:20:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11257"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100181"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039098"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WX5G-J2W9-QX59
Vulnerability from github – Published: 2022-05-13 01:30 – Updated: 2022-05-13 01:30In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
{
"affected": [],
"aliases": [
"CVE-2018-15910"
],
"database_specific": {
"cwe_ids": [
"CWE-704"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-08-27T17:29:00Z",
"severity": "HIGH"
},
"details": "In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.",
"id": "GHSA-wx5g-j2w9-qx59",
"modified": "2022-05-13T01:30:43Z",
"published": "2022-05-13T01:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15910"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2918"
},
{
"type": "WEB",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=699656"
},
{
"type": "WEB",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201811-12"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K22141757?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3768-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4288"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/332928"
},
{
"type": "WEB",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c3476dde7743761a4e1d39a631716199b696b880"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105122"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.