CWE-843
AllowedAccess of Resource Using Incompatible Type ('Type Confusion')
Abstraction: Base · Status: Incomplete
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
1041 vulnerabilities reference this CWE, most recent first.
GHSA-H9VJ-4R4F-C87F
Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2024-04-04 07:54In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.
{
"affected": [],
"aliases": [
"CVE-2023-43154"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-27T15:19:33Z",
"severity": "CRITICAL"
},
"details": "In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in \"isValidLogin()\" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account.",
"id": "GHSA-h9vj-4r4f-c87f",
"modified": "2024-04-04T07:54:42Z",
"published": "2023-09-27T15:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43154"
},
{
"type": "WEB",
"url": "https://cxsecurity.com/issue/WLB-2023090075"
},
{
"type": "WEB",
"url": "https://github.com/ally-petitt/macs-cms-auth-bypass"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HC69-9V7Q-3FW3
Vulnerability from github – Published: 2025-09-16 00:30 – Updated: 2025-11-03 21:34A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause a denial-of-service.
{
"affected": [],
"aliases": [
"CVE-2025-43355"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T23:15:37Z",
"severity": "MODERATE"
},
"details": "A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause a denial-of-service.",
"id": "GHSA-hc69-9v7q-3fw3",
"modified": "2025-11-03T21:34:34Z",
"published": "2025-09-16T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43355"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125108"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125109"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125110"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125111"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125112"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125114"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125115"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/125116"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/49"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/53"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/54"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/55"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/56"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/57"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Sep/58"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HCQQ-P4C4-5775
Vulnerability from github – Published: 2025-06-08 12:30 – Updated: 2025-06-08 12:30in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
{
"affected": [],
"aliases": [
"CVE-2025-20063"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-08T12:15:20Z",
"severity": "LOW"
},
"details": "in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.",
"id": "GHSA-hcqq-p4c4-5775",
"modified": "2025-06-08T12:30:32Z",
"published": "2025-06-08T12:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20063"
},
{
"type": "WEB",
"url": "https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-06.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-HCR5-HP8W-36Q9
Vulnerability from github – Published: 2024-05-16 15:31 – Updated: 2025-11-04 18:30Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to.
When processing of hypercalls takes a considerable amount of time, the hypervisor may choose to invoke a hypercall continuation. Doing so involves putting (perhaps updated) hypercall arguments in respective registers. For guests not running in 64-bit mode this further involves a certain amount of translation of the values.
Unfortunately internal sanity checking of these translated values assumes high halves of registers to always be clear when invoking a hypercall. When this is found not to be the case, it triggers a consistency check in the hypervisor and causes a crash.
{
"affected": [],
"aliases": [
"CVE-2023-46842"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-16T14:15:08Z",
"severity": "MODERATE"
},
"details": "Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and\nother modes. This in particular means that they may set registers used\nto pass 32-bit-mode hypercall arguments to values outside of the range\n32-bit code would be able to set them to.\n\nWhen processing of hypercalls takes a considerable amount of time,\nthe hypervisor may choose to invoke a hypercall continuation. Doing so\ninvolves putting (perhaps updated) hypercall arguments in respective\nregisters. For guests not running in 64-bit mode this further involves\na certain amount of translation of the values.\n\nUnfortunately internal sanity checking of these translated values\nassumes high halves of registers to always be clear when invoking a\nhypercall. When this is found not to be the case, it triggers a\nconsistency check in the hypervisor and causes a crash.",
"id": "GHSA-hcr5-hp8w-36q9",
"modified": "2025-11-04T18:30:56Z",
"published": "2024-05-16T15:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46842"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5OK6MH75S7YWD34EWW7QIZTS627RIE3"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RYAZ7P6YFJ2E3FHKAGIKHWS46KYMMTZH"
},
{
"type": "WEB",
"url": "https://xenbits.xenproject.org/xsa/advisory-454.html"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-454.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HCVF-6JGC-FFMQ
Vulnerability from github – Published: 2023-01-30 09:30 – Updated: 2023-02-07 00:30Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
{
"affected": [],
"aliases": [
"CVE-2023-0473"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-30T09:15:00Z",
"severity": "HIGH"
},
"details": "Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
"id": "GHSA-hcvf-6jgc-ffmq",
"modified": "2023-02-07T00:30:26Z",
"published": "2023-01-30T09:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0473"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1404639"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0473"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HF45-H325-58J2
Vulnerability from github – Published: 2024-12-12 03:33 – Updated: 2025-11-04 00:32A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to access arbitrary files.
{
"affected": [],
"aliases": [
"CVE-2024-54524"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-12T02:15:31Z",
"severity": "MODERATE"
},
"details": "A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to access arbitrary files.",
"id": "GHSA-hf45-h325-58j2",
"modified": "2025-11-04T00:32:14Z",
"published": "2024-12-12T03:33:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54524"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/121839"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Dec/7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HG3H-CQP7-Q2WW
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the page method of XFA Layout objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this to execute code in the context of the current process. Was ZDI-CAN-5027.
{
"affected": [],
"aliases": [
"CVE-2017-14835"
],
"database_specific": {
"cwe_ids": [
"CWE-704",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-20T14:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the page method of XFA Layout objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this to execute code in the context of the current process. Was ZDI-CAN-5027.",
"id": "GHSA-hg3h-cqp7-q2ww",
"modified": "2022-05-13T01:37:35Z",
"published": "2022-05-13T01:37:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14835"
},
{
"type": "WEB",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-17-879"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HH66-2PCF-2272
Vulnerability from github – Published: 2025-11-18 00:30 – Updated: 2025-11-18 03:31Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
{
"affected": [],
"aliases": [
"CVE-2025-13226"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-18T00:15:47Z",
"severity": "HIGH"
},
"details": "Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"id": "GHSA-hh66-2pcf-2272",
"modified": "2025-11-18T03:31:14Z",
"published": "2025-11-18T00:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13226"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/446113732"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HMRC-68HP-82X6
Vulnerability from github – Published: 2025-09-24 18:30 – Updated: 2026-07-14 15:31Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
{
"affected": [],
"aliases": [
"CVE-2025-10585"
],
"database_specific": {
"cwe_ids": [
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-24T17:15:39Z",
"severity": "HIGH"
},
"details": "Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"id": "GHSA-hmrc-68hp-82x6",
"modified": "2026-07-14T15:31:27Z",
"published": "2025-09-24T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10585"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-470355.html"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html"
},
{
"type": "WEB",
"url": "https://issues.chromium.org/issues/445380761"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-10585"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HMRH-MQV8-RVVR
Vulnerability from github – Published: 2026-06-02 21:30 – Updated: 2026-06-30 03:36JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
{
"affected": [],
"aliases": [
"CVE-2026-10702"
],
"database_specific": {
"cwe_ids": [
"CWE-733",
"CWE-843"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-02T20:16:33Z",
"severity": "MODERATE"
},
"details": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.",
"id": "GHSA-hmrh-mqv8-rvvr",
"modified": "2026-06-30T03:36:54Z",
"published": "2026-06-02T21:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10702"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-10702"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2040903"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484118"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-10702.json"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-54"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.