VYPR

CWE-704

Incorrect Type Conversion or Cast

ClassIncomplete

Description

The product does not correctly convert an object, resource, or structure from one type to a different type.

Hierarchy (View 1000)

CVEs mapped to this weakness (169)

page 1 of 9
  • CVE-2010-20115CriAug 21, 2025
    risk 0.68cvss epss 0.01

    Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate…

  • CVE-2025-41648CriJul 1, 2025
    risk 0.64cvss 9.8epss 0.01

    An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI.

  • CVE-2018-12812CriJul 20, 2018
    risk 0.64cvss 9.8epss 0.09

    Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4944CriMay 19, 2018
    risk 0.64cvss 9.8epss 0.09

    Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2017-9183CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.02

    libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7.

  • CVE-2016-7979CriMay 23, 2017
    risk 0.64cvss 9.8epss 0.06

    Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.

  • CVE-2017-3106HigAug 11, 2017
    risk 0.62cvss 8.8epss 0.22

    Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.

  • CVE-2018-5007HigJul 20, 2018
    risk 0.59cvss 8.8epss 0.18

    Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-3843HigApr 19, 2018
    risk 0.59cvss 8.8epss 0.24

    An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive…

  • CVE-2017-5115HigOct 27, 2017
    risk 0.59cvss 8.8epss 0.26

    Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.

  • CVE-2018-5057HigJul 20, 2018
    risk 0.58cvss 8.8epss 0.09

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-12794HigJul 20, 2018
    risk 0.58cvss 8.8epss 0.16

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4953HigJul 9, 2018
    risk 0.58cvss 8.8epss 0.10

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4945HigJul 9, 2018
    risk 0.58cvss 8.8epss 0.07

    Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-7407HigMay 24, 2018
    risk 0.58cvss 8.8epss 0.04

    An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.…

  • CVE-2017-16379HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion overflow vulnerability in…

  • CVE-2017-16367HigDec 9, 2017
    risk 0.58cvss 8.8epss 0.07

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion overflow vulnerability. The…

  • CVE-2017-11257HigAug 11, 2017
    risk 0.58cvss 8.8epss 0.08

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-11221HigAug 11, 2017
    risk 0.58cvss 8.8epss 0.09

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-7865HigNov 8, 2016
    risk 0.58cvss 8.8epss 0.07

    Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.