CWE-704
271 CVEs • Abstraction: Class
Incorrect Type Conversion or Cast
The product does not correctly convert an object, resource, or structure from one type to a different type.
CVEs (271)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Qualcomm 9Qca6595 Firmware Qca6595au FirmwareQca6696 Firmware+6 moreJun 17, 2026 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in Audio due to incorrect type cast during audio use-cases. |
1Mozilla 3Firefox Firefox EsrThunderbirdJun 17, 2026 Jun 2, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102....Show more |
1Mozilla 3Firefox Firefox EsrThunderbirdJun 17, 2026 Jun 2, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. |
1Qualcomm 220315 5g Iot Modem Firmware 8905 Firmware8909 Firmware+217 moreJun 17, 2026 May 2, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in Graphics while importing a file. |
1Qualcomm 16Qca6595 Firmware Qca6595au FirmwareQca6696 Firmware+13 moreJun 17, 2026 Apr 13, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM. |
1Qualcomm 284Apq8009 Firmware Apq8017 FirmwareApq8076 Firmware+281 moreJun 17, 2026 Mar 10, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
1Qualcomm 32Aqt1000 Firmware Mdm9150 FirmwareQca6391 Firmware+29 moreJun 17, 2026 Jan 9, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields |
TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, co...Show more |
TensorFlow is an open source platform for machine learning. If `BCast::ToShape` is given input larger than an `int32`, it will crash, despite being supposed to handle up to an `int64`. An example can be seen in `tf.exper...Show more |
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argume...Show more |
1Schneider Electric 2Ecostruxure Operator Terminal Expert Pro Face BlueJun 17, 2026 Nov 4, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in execution of malicio...Show more |
1Amazon 1Amazon Web Services Redshift Java Database Connectivity Driver Jun 17, 2026 Sep 29, 2022 N/A· v4 8.1 HIGH· v3 N/A· v2 In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name. |
3Fedoraproject PythonRedhat5Enterprise Linux FedoraPython+2 moreJun 17, 2026 Sep 9, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (fl...Show more |
1Qualcomm 9Qca6574au Firmware Qca6696 FirmwareSa6145p Firmware+6 moreJun 17, 2026 Sep 2, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto |
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patc...Show more |
2Libpq Project Pg Native Project2Libpq Pg NativeJun 17, 2026 Jun 17, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argume...Show more |
3Fedoraproject ImagemagickRedhat3Enterprise Linux FedoraImagemagickJun 17, 2026 Jun 16, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input i...Show more |
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the int...Show more |
1Qualcomm 6Sd 8 Gen1 5g Firmware Wcd9380 FirmwareWcn6855 Firmware+3 moreJun 17, 2026 Jun 14, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile |
2Ipmatcher Project Watsonwebserver Project2Ipmatcher WatsonwebserverJun 17, 2026 May 16, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addres...Show more |