CWE-704

Incorrect Type Conversion or Cast

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not correctly convert an object, resource, or structure from one type to a different type.

268 vulnerabilities with CWE-704
CVE-2023-21651 CRITICAL
Qualcomm TEE Core Firmware - Memory Corruption
CVSS 9.3
CVE-2023-21627 MEDIUM
Qualcomm Trusted Execution Environment Firmware - Memory Corruption
CVSS 6.7
CVE-2023-21638 MEDIUM
Qualcomm FastConnect and AQT1000 Firmware - Memory Corruption in Video API
CVSS 6.7
CVE-2023-28162 HIGH
Firefox < 111.0 and Firefox ESR < 102.9 - Type Confusion in AudioWorklet Implementation
CVSS 8.8
CVE-2023-25737 HIGH
Firefox <110, Thunderbird <102.8 - Info Disclosure
CVSS 8.8
CVE-2023-21665 HIGH
Qualcomm Modem and IoT Firmware - Memory Corruption in Graphics
CVSS 8.4
CVE-2022-49873 MEDIUM
Linux Kernel 4.20-5.10.155, 5.11-5.15.79, 5.16-6.0.9 - Unauthenticated Pointer Leak via eBPF Verifier Type Conversion
CVSS 5.5
CVE-2022-33240 MEDIUM
Qualcomm Audio Component Firmware - Memory Corruption
CVSS 6.7
CVE-2022-33301 MEDIUM
Qualcomm Audio Component Firmware - Memory Corruption
CVSS 6.7
CVE-2022-40531 HIGH
Qualcomm WLAN Firmware - Memory Corruption
CVSS 8.4
CVE-2022-25715 MEDIUM
Qualcomm Display Driver Firmware - Memory Corruption
CVSS 6.7
CVE-2022-41911 MEDIUM
TensorFlow < 2.8.4, 2.9.0-2.9.3, 2.10.0-2.10.1 - Denial of Service via Undefined Char-to-Bool Conversion
CVSS 4.8
CVE-2022-41890 MEDIUM
TensorFlow < 2.8.4 - Denial of Service via Integer Overflow in BCast::ToShape
CVSS 4.8
CVE-2022-3979 MEDIUM
NagVis < 1.9.34 - Incorrect Type Conversion in checkAuthCookie
CVSS 5.6
CVE-2022-41668 HIGH
EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection
CVSS 7.0
CVE-2022-41828 HIGH
Amazon AWS Redshift JDBC Driver <2.1.0.8 - Code Injection
CVSS 8.1
CVE-2022-22102 HIGH
Snapdragon Auto - Memory Corruption
CVSS 8.4
CVE-2022-21786 MEDIUM
Android - Memory Corruption via Improper Casting in Audio DSP
CVSS 6.7
CVE-2022-25852 HIGH
libpq and pg-native - Denial of Service via Incorrect Type Conversion
CVSS 7.5
CVE-2022-32547 HIGH
ImageMagick < 6.9.12-45 - Denial of Service via Misaligned Address Load in Property Handling
CVSS 7.8
CVE-2022-1642 HIGH
swift-corelibs-foundation < 5.6.2 - Denial of Service via JSON Type Mismatch
CVSS 7.5
CVE-2022-0322 MEDIUM
Linux Kernel < 5.15 - Denial of Service via SCTP Buffer Overflow in sctp_make_strreset_req
CVSS 5.5
CVE-2021-4456 MEDIUM
Net::CIDR < 0.24 - Incorrect Type Conversion via Leading Zero Handling
CVSS 6.5
CVE-2021-35091 HIGH
Snapdragon Connectivity - Memory Corruption
CVSS 8.4
CVE-2021-33318 CRITICAL
Joel Christner .NET C# packages - Input Validation Vulnerability
CVSS 9.8
Details
Vulnerabilities 268
Links
MITRE CWE Entry Search this CWE With Exploits