CWE-704

Incorrect Type Conversion or Cast

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not correctly convert an object, resource, or structure from one type to a different type.

268 vulnerabilities with CWE-704
CVE-2016-5161 HIGH
Google Chrome < 53.0.2785.89 - Type Confusion in StylePropertySerializer
CVSS 8.8
CVE-2016-5263 HIGH
Firefox < 48.0 and Firefox ESR 45.x < 45.3 - Remote Code Execution via nsDisplayList::HitTest Type Confusion
CVSS 8.8
CVE-2015-5219 HIGH
SNTP <4.2.7p366 - DoS
CVSS 7.5
CVE-2015-3120
Adobe Flash Player <13.0.0.302 & 14.x-18.x - RCE
CVE-2014-9627 HIGH
VLC media player < 2.1.6 - Denial of Service via MP4 Box Size Integer Cast
CVSS 7.8
CVE-2011-1805 HIGH
Google Chrome <11.0.0.0 - Heap Corruption
CVSS 8.8
CVE-2011-2337 CRITICAL
Blink < M12 - Incorrect Type Conversion in strlen Return Value
CVSS 9.8
CVE-2011-1460 CRITICAL
Blink < M11 - Use-After-Free via Anonymous Block Rendering
CVSS 9.8
CVE-2011-3037
Google Chrome < 17.0.963.65 - Denial of Service via Anonymous Block Casting
CVE-2011-3036
Google Chrome < 17.0.963.65 - Denial of Service via Line Box Handling
CVE-2011-3027
Google Chrome < 17.0.963.56 - Denial of Service via Column Handling Cast Issue
CVE-2011-1799
Google Chrome < 11.0.696.68 - Denial of Service via WebKit Variable Cast Handling
CVE-2011-1441
Google Chrome < 11.0.696.57 - Denial of Service via Floating Select List Handling
CVE-2011-1200
Google Chrome < 10.0.648.127 - Denial of Service via Text Rendering Cast Issue
CVE-2011-0483
Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Denial of Service via Video Handling Cast Issue
CVE-2011-0482
Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Denial of Service via Anchor Handling
CVE-2010-20115 CRITICAL
Vermillion FTP Daemon <1.31 - Memory Corruption
CVE-2010-1822 HIGH
Safari < 4.1.3 and 5.0.x < 5.0.3 - Remote Code Execution via SVG Element Type Confusion
CVSS 8.8
Details
Vulnerabilities 268
Links
MITRE CWE Entry Search this CWE With Exploits