← Back
CWE-704

272 CVEs • Abstraction: Class

Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.

JSON object

Loading...

CVEs (272)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Rand Project
1Rand
Jun 17, 2026
Sep 14, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.
1Accusoft
1Imagegear
Jun 17, 2026
Sep 1, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malic...Show more
A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability.Show less
1Google
1Chrome
Nov 21, 2024
Jun 3, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
1Qualcomm
36Apq8009 Firmware
Apq8098 FirmwareIpq6018 Firmware+33 more
Jun 17, 2026
Jun 2, 2020
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu...Show more
Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130Show less
1Linux
1Linux Kernel
Jun 17, 2026
Apr 12, 2020
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel en...Show more
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept. The existing callers, SNDRV_CTL_IOCTL_ELEM_ADD and SNDRV_CTL_IOCTL_ELEM_REPLACE, have been designed to misuse the info->owner field in a safe wayShow less
1Videolan
1Vlc Media Player
Nov 21, 2024
Jan 24, 2020
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cau...Show more
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.Show less
1Forcepoint
1Next Generation Firewall Security Management Center
Jun 17, 2026
Dec 23, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the S...Show more
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next Generation Firewall (NGFW), possibly resulting in settings that are weaker than expected. All SMC versions lower than 6.5.12 or 6.7.1 are vulnerable.Show less
1Google
1Blink
Nov 21, 2024
Nov 7, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms.
1Google
1Blink
Nov 21, 2024
Nov 5, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks.
1Cisco
2Adaptive Security Appliance
Adaptive Security Appliance Software
Jun 17, 2026
Oct 2, 2019
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to...Show more
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash.Show less
1Php
1Ext Http
Nov 21, 2024
Sep 6, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and po...Show more
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests.Show less
2Jenkins
Redhat
2Openshift Container Platform
Script Security
Jun 17, 2026
Jul 31, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.
1Qualcomm
40Mdm9150 Firmware
Mdm9206 FirmwareMdm9607 Firmware+37 more
Jun 17, 2026
Jul 25, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...Show more
Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20Show less
1Google
1Chrome
Jun 17, 2026
Jun 27, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
1Apple
1Mac Os X
Nov 21, 2024
Apr 3, 2019
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
1Apple
6Icloud
Iphone OsItunes+3 more
Nov 21, 2024
Apr 3, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
2Debian
Libraw
2Debian Linux
Libraw
Jun 17, 2026
Feb 20, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.
4Debian
FedoraprojectGoogle+1 more
6Chrome
Debian LinuxEnterprise Linux Desktop+3 more
Jun 17, 2026
Feb 19, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
1Schneider Electric
1Guicon
Jun 17, 2026
Feb 6, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file
1Schneider Electric
1Guicon
Jun 17, 2026
Feb 6, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file