Common Weakness Enumeration

CWE-843

Allowed

Access of Resource Using Incompatible Type ('Type Confusion')

Abstraction: Base · Status: Incomplete

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

1041 vulnerabilities reference this CWE, most recent first.

GHSA-M832-C36H-PR9R

Vulnerability from github – Published: 2023-05-29 03:30 – Updated: 2024-04-04 04:22
VLAI
Details

OX App Suite before backend 7.10.6-rev37 allows authenticated users to change the appointments of arbitrary users via conflicting ID numbers, aka "ID confusion."

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24599"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-29T03:15:09Z",
    "severity": "MODERATE"
  },
  "details": "OX App Suite before backend 7.10.6-rev37 allows authenticated users to change the appointments of arbitrary users via conflicting ID numbers, aka \"ID confusion.\"",
  "id": "GHSA-m832-c36h-pr9r",
  "modified": "2024-04-04T04:22:26Z",
  "published": "2023-05-29T03:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24599"
    },
    {
      "type": "WEB",
      "url": "https://open-xchange.com"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/May/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M8QW-RFH7-66F9

Vulnerability from github – Published: 2026-07-01 00:34 – Updated: 2026-07-01 03:35
VLAI
Details

Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Low)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-14119"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-30T23:17:23Z",
    "severity": "MODERATE"
  },
  "details": "Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Low)",
  "id": "GHSA-m8qw-rfh7-66f9",
  "modified": "2026-07-01T03:35:23Z",
  "published": "2026-07-01T00:34:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14119"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/513775483"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M8XH-CQC2-5Q6F

Vulnerability from github – Published: 2022-03-29 00:01 – Updated: 2022-04-01 17:14
VLAI
Summary
Type Confusion in ImpressCMS
Details

ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "impresscms/impresscms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-26600"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-04-01T17:14:56Z",
    "nvd_published_at": "2022-03-28T01:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).",
  "id": "GHSA-m8xh-cqc2-5q6f",
  "modified": "2022-04-01T17:14:56Z",
  "published": "2022-03-29T00:01:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26600"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1081986"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ImpressCMS/impresscms"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImpressCMS/impresscms/releases/tag/v1.4.3"
    },
    {
      "type": "WEB",
      "url": "http://karmainsecurity.com/KIS-2022-01"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/166393/ImpressCMS-1.4.2-Authentication-Bypass.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Mar/43"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Type Confusion in ImpressCMS"
}

GHSA-MC2W-PHMV-5VHG

Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30
VLAI
Details

Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-20806"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T18:16:42Z",
    "severity": "MODERATE"
  },
  "details": "Access of resource using incompatible type (\u0027type confusion\u0027) in Windows COM allows an authorized attacker to disclose information locally.",
  "id": "GHSA-mc2w-phmv-5vhg",
  "modified": "2026-04-14T18:30:36Z",
  "published": "2026-04-14T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20806"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20806"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MC8V-MGRF-8F4M

Vulnerability from github – Published: 2021-11-18 16:13 – Updated: 2021-12-13 13:12
VLAI
Summary
Clarify Content-Type handling
Details

Impact

In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both “manifests” and “layers” fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently.

Patches

The OCI Distribution Specification will be updated to require that a mediaType value present in a manifest or index match the Content-Type header used during the push and pull operations.

Workarounds

Clients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both “manifests” and “layers” fields or “manifests” and “config” fields.

References

https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh

For more information

If you have any questions or comments about this advisory: * Open an issue in https://github.com/opencontainers/distribution-spec/ * Email us at security@opencontainers.org

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/opencontainers/distribution-spec"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41190"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-11-17T23:13:37Z",
    "nvd_published_at": "2021-11-17T20:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\nIn the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both \u201cmanifests\u201d and \u201clayers\u201d fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently.\n\n### Patches\nThe OCI Distribution Specification will be updated to require that a `mediaType` value present in a manifest or index match the Content-Type header used during the push and pull operations.\n\n### Workarounds\nClients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both \u201cmanifests\u201d and \u201clayers\u201d fields or \u201cmanifests\u201d and \u201cconfig\u201d fields.\n\n### References\nhttps://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in https://github.com/opencontainers/distribution-spec/\n* Email us at security@opencontainers.org\n",
  "id": "GHSA-mc8v-mgrf-8f4m",
  "modified": "2021-12-13T13:12:02Z",
  "published": "2021-11-18T16:13:08Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41190"
    },
    {
      "type": "WEB",
      "url": "https://github.com/opencontainers/distribution-spec/commit/ac28cac0557bcd3084714ab09f9f2356fe504923"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/opencontainers/distribution-spec"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TUZNDAH2B26VPBK342UC3BHZNLBUXGX"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4334HT7AZPLWNYHW4ARU6JBUF3VZJPZN"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RRFNTMFYKOTRKD37F5ANMCIO3GGJML"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DX63GRWFEI5RVMYV6XLMCG4OHPWZML27"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RZTO6N55WHKHIZI4IMLY2QFBPMVTAERM"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQBCYJUIM5GVCMFUPRWKRZNXMMI5EFA4"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4OJ764CKKCWCVONHD4YXTGR7HZ7LRUV"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YIGVQWOA5XXCQXEOOKZX4CDAGLBDRPRX"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/11/19/10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Clarify Content-Type handling"
}

GHSA-MG49-JQGW-GCJ6

Vulnerability from github – Published: 2024-05-02 21:30 – Updated: 2024-11-18 16:26
VLAI
Summary
libxmljs vulnerable to type confusion when parsing specially crafted XML
Details

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "libxmljs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-34392"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-03T20:24:04Z",
    "nvd_published_at": "2024-05-02T19:15:06Z",
    "severity": "CRITICAL"
  },
  "details": "libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the `namespaces()` function (which invokes `_wrap__xmlNode_nsDef_get()`) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution.",
  "id": "GHSA-mg49-jqgw-gcj6",
  "modified": "2024-11-18T16:26:40Z",
  "published": "2024-05-02T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34392"
    },
    {
      "type": "WEB",
      "url": "https://github.com/libxmljs/libxmljs/issues/646"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/libxmljs/libxmljs"
    },
    {
      "type": "WEB",
      "url": "https://research.jfrog.com/vulnerabilities/libxmljs-namespaces-type-confusion-rce-jfsa-2024-001034096"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "libxmljs vulnerable to type confusion when parsing specially crafted XML "
}

GHSA-MH9G-8CMW-MV9M

Vulnerability from github – Published: 2026-06-05 00:31 – Updated: 2026-06-05 03:31
VLAI
Details

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10910"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-04T23:16:52Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-mh9g-8cmw-mv9m",
  "modified": "2026-06-05T03:31:30Z",
  "published": "2026-06-05T00:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10910"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/508811477"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MHX4-XRCQ-H9G5

Vulnerability from github – Published: 2023-01-26 21:30 – Updated: 2023-02-01 18:30
VLAI
Details

In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege of BLE with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228602963

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20461"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-26T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege of BLE with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228602963",
  "id": "GHSA-mhx4-xrcq-h9g5",
  "modified": "2023-02-01T18:30:31Z",
  "published": "2023-01-26T21:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20461"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2023-01-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MJ34-7H26-PJ8G

Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2023-02-02 15:30
VLAI
Details

A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-11706"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-07-23T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw in Thunderbird\u0027s implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird \u003c 60.7.1.",
  "id": "GHSA-mj34-7h26-pj8g",
  "modified": "2023-02-02T15:30:36Z",
  "published": "2022-05-24T16:50:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11706"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1555646"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201908-20"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2019-17"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MJ9C-F5V6-7665

Vulnerability from github – Published: 2025-07-01 00:30 – Updated: 2025-10-22 00:33
VLAI
Details

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-6554"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-30T22:15:29Z",
    "severity": "HIGH"
  },
  "details": "Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-mj9c-f5v6-7665",
  "modified": "2025-10-22T00:33:18Z",
  "published": "2025-07-01T00:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6554"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/427663123"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6554"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.