Common Weakness Enumeration

CWE-704

Allowed-with-Review

Incorrect Type Conversion or Cast

Abstraction: Class · Status: Incomplete

The product does not correctly convert an object, resource, or structure from one type to a different type.

334 vulnerabilities reference this CWE, most recent first.

GHSA-V38R-CMM6-V8C3

Vulnerability from github – Published: 2024-11-19 21:31 – Updated: 2024-11-20 18:32
VLAI
Details

In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9339"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704",
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-19T19:15:05Z",
    "severity": "HIGH"
  },
  "details": "In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-v38r-cmm6-v8c3",
  "modified": "2024-11-20T18:32:16Z",
  "published": "2024-11-19T21:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9339"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2018-06-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V4WQ-4595-GR53

Vulnerability from github – Published: 2024-06-06 21:30 – Updated: 2024-10-15 21:30
VLAI
Details

OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-36735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-06T19:15:58Z",
    "severity": "MODERATE"
  },
  "details": "OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.",
  "id": "GHSA-v4wq-4595-gr53",
  "modified": "2024-10-15T21:30:34Z",
  "published": "2024-06-06T21:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36735"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/Redmept1on/4998e9b6435448cea07a8b2dbf96eedc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V69G-856V-C9CC

Vulnerability from github – Published: 2022-11-14 12:00 – Updated: 2025-11-03 21:30
VLAI
Details

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. Upgrading to version 1.9.34 is able to address this issue. The name of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3979"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-13T23:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. Upgrading to version 1.9.34 is able to address this issue. The name of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.",
  "id": "GHSA-v69g-856v-c9cc",
  "modified": "2025-11-03T21:30:44Z",
  "published": "2022-11-14T12:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3979"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NagVis/nagvis/commit/7574fd8a2903282c2e0d1feef5c4876763db21d5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NagVis/nagvis/releases/tag/nagvis-1.9.34"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.213557"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.213557"
    },
    {
      "type": "WEB",
      "url": "https://www.sonarsource.com/blog/checkmk-rce-chain-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V6GC-7F3W-XC38

Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsFDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6010.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-14247"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-31T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsFDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6010.",
  "id": "GHSA-v6gc-7f3w-xc38",
  "modified": "2022-05-13T01:34:41Z",
  "published": "2022-05-13T01:34:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14247"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-707"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V79H-64CF-GW4X

Vulnerability from github – Published: 2023-07-04 06:30 – Updated: 2024-04-04 05:22
VLAI
Details

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21638"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-04T05:15:10Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.",
  "id": "GHSA-v79h-64cf-gw4x",
  "modified": "2024-04-04T05:22:25Z",
  "published": "2023-07-04T06:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21638"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VCP2-75R9-Q84Q

Vulnerability from github – Published: 2022-05-14 01:40 – Updated: 2022-05-14 01:40
VLAI
Details

In iOS before 11.2, a type confusion issue was addressed with improved memory handling.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-13888"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-11T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "In iOS before 11.2, a type confusion issue was addressed with improved memory handling.",
  "id": "GHSA-vcp2-75r9-q84q",
  "modified": "2022-05-14T01:40:17Z",
  "published": "2022-05-14T01:40:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13888"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208334"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VGC3-2W4V-5M3J

Vulnerability from github – Published: 2022-05-14 01:13 – Updated: 2022-05-14 01:13
VLAI
Details

A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-4284"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-03T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.",
  "id": "GHSA-vgc3-2w4v-5m3j",
  "modified": "2022-05-14T01:13:07Z",
  "published": "2022-05-14T01:13:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4284"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT208932"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT208933"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT208934"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT208935"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT208936"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT208938"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VGGM-JRF9-WH4R

Vulnerability from github – Published: 2022-05-13 01:27 – Updated: 2022-05-13 01:27
VLAI
Details

Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-3036"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-03-05T19:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.",
  "id": "GHSA-vggm-jrf9-wh4r",
  "modified": "2022-05-13T01:27:16Z",
  "published": "2022-05-13T01:27:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3036"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73647"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15072"
    },
    {
      "type": "WEB",
      "url": "http://code.google.com/p/chromium/issues/detail?id=113258"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/79795"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48265"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48419"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48527"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201203-19.xml"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5400"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5485"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5503"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52271"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026759"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-VGJQ-G92J-GVVR

Vulnerability from github – Published: 2022-09-03 00:00 – Updated: 2022-09-08 00:00
VLAI
Details

Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-02T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto",
  "id": "GHSA-vgjq-g92j-gvvr",
  "modified": "2022-09-08T00:00:28Z",
  "published": "2022-09-03T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22102"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/july-2022-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VH45-GFXF-VR42

Vulnerability from github – Published: 2026-02-24 09:31 – Updated: 2026-02-24 09:31
VLAI
Details

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.

This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-40541"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639",
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-24T08:16:28Z",
    "severity": "CRITICAL"
  },
  "details": "An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.\n\nThis issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.",
  "id": "GHSA-vh45-gfxf-vr42",
  "modified": "2026-02-24T09:31:21Z",
  "published": "2026-02-24T09:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40541"
    },
    {
      "type": "WEB",
      "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm"
    },
    {
      "type": "WEB",
      "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40541"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.