CWE-704
Incorrect Type Conversion or Cast
The product does not correctly convert an object, resource, or structure from one type to a different type.
260 vulnerabilities with CWE-704
CVE-2026-40613
HIGH
Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64)
CVSS 7.5
CVE-2026-34379
HIGH
OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)
CVSS 7.1
CVE-2026-27809
CRITICAL
psd-tools <1.12.2 - DoS
CVSS 9.1
CVE-2026-25613
MEDIUM
MongoDB - DoS
CVSS 6.5
CVE-2026-25518
MEDIUM
Cert-manager < 1.18.5 - Denial of Service
CVSS 5.9
CVE-2026-25503
HIGH
Color Iccdev < 2.3.1.2 - Type Confusion
CVSS 7.1
CVE-2026-24856
HIGH
iccDEV <2.3.1.2 - RCE
CVSS 7.8
CVE-2026-22041
MEDIUM
Logging Redactor <0.0.6 - Type Error
CVSS 5.3
CVE-2026-21692
HIGH
Color Iccdev < 2.3.1.2 - Type Confusion
CVSS 8.8
CVE-2026-21673
HIGH
Color Iccdev < 2.3.1.1 - Integer Overflow
CVSS 7.8
CVE-2025-40541
CRITICAL
Serv-U - Privilege Escalation
CVSS 9.1
CVE-2025-40540
CRITICAL
Serv-U - Memory Corruption
CVSS 9.1
CVE-2025-40539
CRITICAL
Serv-U - Memory Corruption
CVSS 9.1
CVE-2025-71002
MEDIUM
Oneflow - Divide By Zero
CVSS 6.5
CVE-2025-12781
MEDIUM
base64 module - Info Disclosure
CVSS 5.3
CVE-2025-13720
HIGH
Google Chrome <143.0.7499.41 - Heap Corruption
CVSS 8.8
CVE-2025-62494
HIGH
Quickjs < 2025-09-13 - Out-of-Bounds Access
CVSS 8.8
CVE-2025-39880
HIGH
Linux kernel - Memory Corruption
CVSS 7.8
CVE-2025-54429
MEDIUM
Polkadot Frontier - Info Disclosure
CVE-2025-41648
CRITICAL
IndustrialPI - Auth Bypass
CVSS 9.8
CVE-2025-41646
CRITICAL
Software Package - Auth Bypass
CVSS 9.8
CVE-2025-37746
MEDIUM
Linux kernel - Info Disclosure
CVSS 5.5
CVE-2025-22044
MEDIUM
Linux kernel - Info Disclosure
CVSS 5.5
CVE-2025-1057
MEDIUM
Keylime <7.12.0 - Info Disclosure
CVSS 4.3
CVE-2025-20072
MEDIUM
Mattermost Mobile <=2.22.0 - Code Injection
CVSS 6.5
Details
Vulnerabilities
260