CWE-704— Incorrect Type Conversion or Cast
233 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-704page 2 of 5
- CVE-2018-14260HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14261HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14262HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14263HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14264HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14265HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14266HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14267HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14268HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14269HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14270HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14271HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14272HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14273HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14274HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14275HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14276HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14277HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14278HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14279HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14285HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14286HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14287HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14288HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14311HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious…
- CVE-2018-14313HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14317HIGHCVSS 8.8EG 8.82018-08-30
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-14379HIGHCVSS 8.8EG 8.82018-07-18
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unsp…
- CVE-2018-14403CRITICALCVSS 9.8EG 9.82018-07-19
MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.
- CVE-2018-15909HIGHCVSS 7.8EG 7.82018-08-27
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
- CVE-2018-15910HIGHCVSS 7.8EG 7.82018-08-27
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
- CVE-2018-15981CRITICALCVSS 9.8EG 9.82018-11-29
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-16511HIGHCVSS 7.8EG 7.82018-09-05
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
- CVE-2018-16513HIGHCVSS 7.8EG 7.82018-09-05
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
- CVE-2018-17685HIGHCVSS 8.8EG 8.82019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-17913HIGHCVSS 7.8EG 7.82018-11-05
A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.
- CVE-2018-18386LOWCVSS 3.3EG 3.32018-10-17
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
- CVE-2018-19019HIGHCVSS 7.3EG 7.32019-01-22
A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
- CVE-2018-19027HIGHCVSS 7.8EG 7.82019-01-30
Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the…
- CVE-2018-19134HIGHCVSS 7.8EG 7.82018-12-20
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of th…
- CVE-2018-19476HIGHCVSS 7.8EG 7.82018-11-23
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
- CVE-2018-19477HIGHCVSS 7.8EG 7.82018-11-23
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
- CVE-2018-3843HIGHCVSS 8.8EG 8.82018-04-19
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, whi…
- CVE-2018-4219HIGHCVSS 7.8EG 7.82018-06-08
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "ATS" component. It allows attackers to gain privileges via a crafted app that leverages type confusion.
- CVE-2018-4246HIGHCVSS 8.8EG 8.82018-06-08
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS …
- CVE-2018-4284HIGHCVSS 8.8EG 8.82019-04-03
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
- CVE-2018-4285HIGHCVSS 7.8EG 7.82019-04-03
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
- CVE-2018-4920HIGHCVSS 8.8EG 9.82018-05-19
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
- CVE-2018-4944CRITICALCVSS 9.8EG 9.82018-05-19
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
- CVE-2018-4945HIGHCVSS 8.8EG 8.82018-07-09
Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Map vulnerabilities like CWE-704 to your infrastructure
EchelonGraph correlates every CVE — across CWE-704 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →