CWE-704
Incorrect Type Conversion or Cast
Description
The product does not correctly convert an object, resource, or structure from one type to a different type.
Hierarchy (View 1000)
CVEs mapped to this weakness (169)
page 6 of 9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-7617 | Hig | 0.54 | 7.8 | 0.05 | Feb 20, 2017 | An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app. | ||
| CVE-2017-7813 | Hig | 0.53 | 8.2 | 0.02 | Jun 11, 2018 | Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier… | ||
| CVE-2024-35303 | Hig | 0.51 | 7.8 | 0.00 | Jun 11, 2024 | A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (All versions < V2404.0001). The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This… | ||
| CVE-2020-11725 | Hig | 0.51 | 7.8 | 0.01 | Apr 12, 2020 | snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant… | ||
| CVE-2018-9490 | Hig | 0.51 | 7.8 | 0.01 | Oct 2, 2018 | In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:… | ||
| CVE-2018-16513 | Hig | 0.51 | 7.8 | 0.01 | Sep 5, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. | ||
| CVE-2018-16511 | Hig | 0.51 | 7.8 | 0.02 | Sep 5, 2018 | An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. | ||
| CVE-2018-15910 | Hig | 0.51 | 7.8 | 0.03 | Aug 27, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | ||
| CVE-2018-15909 | Hig | 0.51 | 7.8 | 0.03 | Aug 27, 2018 | In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. | ||
| CVE-2018-4219 | Hig | 0.51 | 7.8 | 0.01 | Jun 8, 2018 | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "ATS" component. It allows attackers to gain privileges via a crafted app that leverages type confusion. | ||
| CVE-2017-16745 | Hig | 0.51 | 7.8 | 0.01 | Mar 15, 2018 | A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing… | ||
| CVE-2017-8159 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type… | ||
| CVE-2017-9042 | Hig | 0.51 | 7.8 | 0.02 | May 18, 2017 | readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file. | ||
| CVE-2016-8602 | Hig | 0.51 | 7.8 | 0.03 | Apr 14, 2017 | The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | ||
| CVE-2016-7655 | Hig | 0.51 | 7.8 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users to gain privileges or cause a denial of service (type confusion) via… | ||
| CVE-2017-2962 | Hig | 0.51 | 7.8 | 0.10 | Jan 11, 2017 | Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2016-4710 | Hig | 0.51 | 7.8 | 0.00 | Sep 25, 2016 | WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709. | ||
| CVE-2016-4709 | Hig | 0.51 | 7.8 | 0.00 | Sep 25, 2016 | WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710. | ||
| CVE-2018-14379 | Hig | 0.50 | 8.8 | 0.02 | Jul 18, 2018 | MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4… | ||
| CVE-2018-8076 | Hig | 0.49 | 7.5 | 0.01 | Mar 15, 2018 | ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in… |
- risk 0.54cvss 7.8epss 0.05
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.
- risk 0.53cvss 8.2epss 0.02
Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier…
- risk 0.51cvss 7.8epss 0.00
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0012), Tecnomatix Plant Simulation V2404 (All versions < V2404.0001). The affected applications contain a type confusion vulnerability while parsing specially crafted MODEL files. This…
- risk 0.51cvss 7.8epss 0.01
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant…
- risk 0.51cvss 7.8epss 0.01
In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…
- risk 0.51cvss 7.8epss 0.01
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
- risk 0.51cvss 7.8epss 0.02
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
- risk 0.51cvss 7.8epss 0.03
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
- risk 0.51cvss 7.8epss 0.03
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "ATS" component. It allows attackers to gain privileges via a crafted app that leverages type confusion.
- risk 0.51cvss 7.8epss 0.01
A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing…
- risk 0.51cvss 7.8epss 0.01
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type…
- risk 0.51cvss 7.8epss 0.02
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
- risk 0.51cvss 7.8epss 0.03
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "CoreMedia External Displays" component. It allows local users to gain privileges or cause a denial of service (type confusion) via…
- risk 0.51cvss 7.8epss 0.10
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution.
- risk 0.51cvss 7.8epss 0.00
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709.
- risk 0.51cvss 7.8epss 0.00
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710.
- risk 0.50cvss 8.8epss 0.02
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4…
- risk 0.49cvss 7.5epss 0.01
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in…