Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-704

CWE-704

Incorrect Type Conversion or Cast

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not correctly convert an object, resource, or structure from one type to a different type.

268 vulnerabilities with CWE-704

CVE-2026-46690 MEDIUM

unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

CVE-2026-45685 HIGH

OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages

CVE-2026-44324 MEDIUM

free5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)

CVE-2026-46597 HIGH

Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

CVE-2026-44223 MEDIUM

vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

CVE-2026-42576 MEDIUM

apko <1.2.7 DiscoverKeys - Denial of Service

CVE-2026-40613 HIGH

Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64)

CVE-2026-34379 HIGH

OpenEXR DWA/DWAB LossyDctDecoder - Misaligned Write

CVE-2026-27809 CRITICAL

psd-tools < 1.12.2 - Denial of Service via Malformed RLE-Compressed Image Data

CVE-2026-25613 MEDIUM

MongoDB 7.0.0-7.0.28 - Denial of Service via Invalid Compound Wildcard Index Query

CVE-2026-25518 MEDIUM

cert-manager 1.18.0-1.18.4 and 1.19.0-1.19.2 - Denial of Service via ACME DNS-01 Processing

CVE-2026-25503 HIGH

iccdev < 2.3.1.2 - Denial of Service via Malformed ICC Profile

CVE-2026-24856 HIGH

iccDEV < 2.3.1.2 - Memory Corruption via Floating-Point NaN to Unsigned Short Conversion

CVE-2026-22041 MEDIUM

Logging Redactor <0.0.6 - Type Error

CVE-2026-21692 HIGH

iccdev < 2.3.1.2 - Type Confusion in ToXmlCurve()

CVE-2026-21673 HIGH

iccDEV < 2.3.1.1 - Integer Overflow in CIccXmlArrayType::ParseTextCountNum()

CVE-2025-40541 CRITICAL

SolarWinds Serv-U < 15.5.4 - Authenticated Insecure Direct Object Reference

CVE-2025-40540 CRITICAL

SolarWinds Serv-U < 15.5.4 - Authenticated Remote Code Execution via Type Confusion

CVE-2025-40539 CRITICAL

SolarWinds Serv-U < 15.5.4 - Authenticated Remote Code Execution via Type Confusion

CVE-2025-71002 MEDIUM

OneFlow v0.9.0 - Denial of Service via Floating-Point Exception in flow.column_stack

CVE-2025-12781 MEDIUM

Python < 3.13.10 - Incorrect Type Conversion in base64 Decode Functions

CVE-2025-13720 HIGH

Google Chrome <143.0.7499.41 - Heap Corruption

CVE-2025-62494 HIGH

QuickJS < 2025-09-13 - Type Confusion via String Addition Operation

CVE-2025-39880 HIGH

Linux Kernel 5.11-6.16.7 Memory Corruption via ceph_connection_v1_info Union Misuse

CVE-2025-54429 MEDIUM

Polkadot Frontier - Info Disclosure

Page 1 of 11 Next

Details

Vulnerabilities 268

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy