Common Weakness Enumeration

CWE-843

Allowed

Access of Resource Using Incompatible Type ('Type Confusion')

Abstraction: Base · Status: Incomplete

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

1041 vulnerabilities reference this CWE, most recent first.

GHSA-WGFR-MF59-497P

Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32
VLAI
Details

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-55025"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-14T18:18:13Z",
    "severity": "HIGH"
  },
  "details": "Access of resource using incompatible type (\u0027type confusion\u0027) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.",
  "id": "GHSA-wgfr-mf59-497p",
  "modified": "2026-07-14T18:32:32Z",
  "published": "2026-07-14T18:32:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55025"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WGW2-WWQ8-C7WF

Vulnerability from github – Published: 2022-05-13 01:20 – Updated: 2025-10-22 17:37
VLAI
Summary
ChakraCore RCE Vulnerability
Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Microsoft.ChakraCore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-8298"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-21T20:39:24Z",
    "nvd_published_at": "2018-07-11T00:29:00Z",
    "severity": "HIGH"
  },
  "details": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.",
  "id": "GHSA-wgw2-wwq8-c7wf",
  "modified": "2025-10-22T17:37:09Z",
  "published": "2022-05-13T01:20:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8298"
    },
    {
      "type": "WEB",
      "url": "https://github.com/chakra-core/ChakraCore/pull/5444"
    },
    {
      "type": "WEB",
      "url": "https://github.com/chakra-core/ChakraCore/commit/cb9957e2763c36dbd12afa5c9261465159e16c86"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/chakra-core/ChakraCore"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20210124183835/http://www.securityfocus.com/bid/104639"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8298"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45217"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ChakraCore RCE Vulnerability"
}

GHSA-WH89-H5F7-HHCR

Vulnerability from github – Published: 2023-08-03 03:30 – Updated: 2023-11-25 12:30
VLAI
Details

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4068"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-03T01:15:11Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-wh89-h5f7-hhcr",
  "modified": "2023-11-25T12:30:22Z",
  "published": "2023-08-03T03:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4068"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1466183"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202311-11"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202312-07"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-34"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5467"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WHC4-7QG7-64GG

Vulnerability from github – Published: 2026-04-02 21:32 – Updated: 2026-04-02 21:32
VLAI
Details

A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-43236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-02T19:20:10Z",
    "severity": "LOW"
  },
  "details": "A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.",
  "id": "GHSA-whc4-7qg7-64gg",
  "modified": "2026-04-02T21:32:52Z",
  "published": "2026-04-02T21:32:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43236"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/124149"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/124150"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/124151"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WHC8-X8VC-W8V2

Vulnerability from github – Published: 2023-03-10 12:30 – Updated: 2023-03-14 18:30
VLAI
Details

The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-10T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions, OpenHarmony-v3.0.7 and prior versions has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.",
  "id": "GHSA-whc8-x8vc-w8v2",
  "modified": "2023-03-14T18:30:21Z",
  "published": "2023-03-10T12:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0083"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-02.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WHHV-GG5V-864R

Vulnerability from github – Published: 2026-03-20 15:56 – Updated: 2026-03-20 15:56
VLAI
Summary
Qwik City has array method pollution in FormData processing allows type confusion and DoS
Details

Summary

Qwik City improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be written onto values that application code expected to be arrays.

Description

When processing application/x-www-form-urlencoded or multipart/form-data requests, Qwik City converted dotted field names such as items.0 and items.1 into nested structures. If a path was interpreted as an array, additional attacker-controlled keys on the same path, such as items.toString, items.push, items.valueOf, or items.length, could alter the resulting server-side value in unexpected ways.

Applications that assumed these parsed values were safe arrays could be affected. Depending on application behavior, this could lead to request handling failures, denial of service through malformed array state or oversized lengths, and type confusion in downstream code.

This issue affects form parsing in Qwik City request handling. It does not require authentication if the vulnerable route is publicly reachable.

Impact

An attacker can send crafted form submissions that cause parsed input to differ from the application’s expected shape. Possible outcomes include: - Triggering runtime errors when application code calls array methods on attacker-influenced values - Inflating array length or otherwise creating malformed structures that increase server work or memory use - Causing type confusion in application logic that trusts parsed form data to be a normal array

There is no direct evidence that this issue enables confidentiality or integrity impact by itself; the primary risk is denial of service and application instability.

Patched Versions

Patched in 1.19.2.

Workarounds

Until patched, avoid trusting parsed form data to be a well-formed array when using dotted field names, and validate or normalize action input before using array methods or relying on array shape.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@builder.io/qwik-city"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.19.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-32701"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-20T15:56:44Z",
    "nvd_published_at": "2026-03-20T09:16:14Z",
    "severity": "HIGH"
  },
  "details": "**Summary**\n\nQwik City improperly inferred arrays from dotted form field names during `FormData` parsing. By submitting mixed array-index and object-property keys for the same path, an attacker could cause user-controlled properties to be written onto values that application code expected to be arrays.\n\n**Description**\n\nWhen processing `application/x-www-form-urlencoded` or `multipart/form-data` requests, Qwik City converted dotted field names such as `items.0` and `items.1` into nested structures. If a path was interpreted as an array, additional attacker-controlled keys on the same path, such as `items.toString`, `items.push`, `items.valueOf`, or `items.length`, could alter the resulting server-side value in unexpected ways.\n\nApplications that assumed these parsed values were safe arrays could be affected. Depending on application behavior, this could lead to request handling failures, denial of service through malformed array state or oversized lengths, and type confusion in downstream code.\n\nThis issue affects form parsing in Qwik City request handling. It does not require authentication if the vulnerable route is publicly reachable.\n\n**Impact**\n\nAn attacker can send crafted form submissions that cause parsed input to differ from the application\u2019s expected shape. Possible outcomes include:\n- Triggering runtime errors when application code calls array methods on attacker-influenced values\n- Inflating array length or otherwise creating malformed structures that increase server work or memory use\n- Causing type confusion in application logic that trusts parsed form data to be a normal array\n\nThere is no direct evidence that this issue enables confidentiality or integrity impact by itself; the primary risk is denial of service and application instability.\n\n**Patched Versions**\n\nPatched in 1.19.2.\n\n**Workarounds**\n\nUntil patched, avoid trusting parsed form data to be a well-formed array when using dotted field names, and validate or normalize action input before using array methods or relying on array shape.",
  "id": "GHSA-whhv-gg5v-864r",
  "modified": "2026-03-20T15:56:44Z",
  "published": "2026-03-20T15:56:44Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/QwikDev/qwik/security/advisories/GHSA-whhv-gg5v-864r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32701"
    },
    {
      "type": "WEB",
      "url": "https://github.com/QwikDev/qwik/commit/7b5867c3dd8925df9aa96c4296b1e95a4c2af87d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/QwikDev/qwik"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Qwik City has array method pollution in FormData processing allows type confusion and DoS"
}

GHSA-WJX3-JQ4J-9WRW

Vulnerability from github – Published: 2025-11-18 00:30 – Updated: 2025-11-18 03:31
VLAI
Details

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13228"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-18T00:15:47Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-wjx3-jq4j-9wrw",
  "modified": "2025-11-18T03:31:14Z",
  "published": "2025-11-18T00:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13228"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/446124893"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WMG2-2X6G-R8Q6

Vulnerability from github – Published: 2023-01-12 09:30 – Updated: 2023-01-20 21:30
VLAI
Details

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23454"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-12T07:15:00Z",
    "severity": "MODERATE"
  },
  "details": "cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).",
  "id": "GHSA-wmg2-2x6g-r8q6",
  "modified": "2023-01-20T21:30:29Z",
  "published": "2023-01-12T09:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23454"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5324"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2023/01/10/1"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2023/01/10/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WPP2-F4WP-VR8H

Vulnerability from github – Published: 2022-11-15 12:00 – Updated: 2025-04-30 21:31
VLAI
Details

An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-3903"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-14T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.",
  "id": "GHSA-wpp2-f4wp-vr8h",
  "modified": "2025-04-30T21:31:42Z",
  "published": "2022-11-15T12:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3903"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA%40mail.gmail.com"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/all/E1obysd-009Grw-He%40www.linuxtv.org"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/all/E1obysd-009Grw-He@www.linuxtv.org"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQ6F-GFJM-68CQ

Vulnerability from github – Published: 2026-05-14 21:30 – Updated: 2026-05-15 15:30
VLAI
Details

Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8554"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-843"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-14T20:17:16Z",
    "severity": "LOW"
  },
  "details": "Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-wq6f-gfjm-68cq",
  "modified": "2026-05-15T15:30:39Z",
  "published": "2026-05-14T21:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8554"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/499131214"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.