Skip to main content

Product Directory Enterprise Compliance Pulse AI Analyst Compare Docs

Login Start Free

Loading...

Cloud security intelligence for modern infrastructure.

Stay informed

📬 Product updates & blog posts🛡️ CVE & vendor advisory alerts

Frequency:

Sent from noreply@echelongraph.io · Unsubscribe anytime

Product

Overview
Enterprise
Agents
AI Analyst
Pricing
Compare
vs. Competitors

Resources

CVE Pulse
Compliance Directory
Newsletter
Documentation
Readiness Calculator
Blog

Security Tools

Surface Scanner
AI Security Index
AI Threat Map
Shadow AI Radar
Shadow Engine Map

Company

Design Partners
Changelog
Contact

Legal

Privacy
Terms
Security
DPA

© 2026 EchelonGraph, Inc. All rights reserved.

SOC 2 Type IIISO 27001GDPRHIPAA Ready

Home›CVE Pulse›CWE-843

CWE-843— Access of Resource Using Incompatible Type (Type Confusion)

729 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-843page 12 of 15

CVE-2024-9602HIGHCVSS 8.8EG 8.8
2024-10-08
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVE-2024-9603HIGHCVSS 8.8EG 8.8
2024-10-08
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-9859HIGHCVSS 8.8EG 8.8
2024-10-11
Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0147HIGHCVSS 8.8EG 8.8
2025-01-30
Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.
CVE-2025-0291HIGHCVSS 8.8EG 8.3
2025-01-08
Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2025-10585CRITICALCVSS 9.8EG 9.8⚠ KEV
2025-09-24
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-11731LOWCVSS 3.1EG 3.1
2025-10-14
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element no…
CVE-2025-12428HIGHCVSS 8.8EG 8.8
2025-11-10
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2025-12899MEDIUMCVSS 6.5EG 6.5
2026-01-30
A flaw in Zephyr’s network stack allows an IPv4 packet containing ICMP type 128 to be misclassified as an ICMPv6 Echo Request. This results in an out-of-bounds memory read and creates a potential information-leak vulnerability in the net…
CVE-2025-13223HIGHCVSS 8.8EG 9.0⚠ KEV
2025-11-17
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13224HIGHCVSS 8.8EG 8.8
2025-11-17
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13226HIGHCVSS 8.8EG 8.8
2025-11-18
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13227HIGHCVSS 8.8EG 8.8
2025-11-18
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13228HIGHCVSS 8.8EG 8.8
2025-11-18
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13229HIGHCVSS 8.8EG 8.8
2025-11-18
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13230HIGHCVSS 8.8EG 8.8
2025-11-18
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-13630HIGHCVSS 8.8EG 8.8
2025-12-02
Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-14325HIGHCVSS 7.3EG 7.3
2025-12-09
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.
CVE-2025-14330CRITICALCVSS 9.8EG 9.8
2025-12-09
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.
CVE-2025-1920HIGHCVSS 8.8EG 8.8
2025-03-10
Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-20063LOWCVSS 3.3EG 3.3
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-2015HIGHCVSS 7.8EG 7.8
2025-03-11
Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required t…
CVE-2025-2016HIGHCVSS 7.8EG 7.8
2025-03-11
Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required …
CVE-2025-2018HIGHCVSS 7.8EG 7.8
2025-03-11
Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required t…
CVE-2025-2022HIGHCVSS 7.8EG 7.8
2025-03-11
Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required t…
CVE-2025-21082LOWCVSS 3.3EG 3.3
2025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-21225MEDIUMCVSS 5.9EG 5.9
2025-01-14
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2025-21279MEDIUMCVSS 6.5EG 6.5
2025-02-06
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21326HIGHCVSS 7.8EG 7.8
2025-01-14
Internet Explorer Remote Code Execution Vulnerability
CVE-2025-21342HIGHCVSS 8.8EG 8.8
2025-02-06
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-2135HIGHCVSS 8.8EG 8.8
2025-03-10
Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-21356HIGHCVSS 7.8EG 7.8
2025-01-14
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2025-21408HIGHCVSS 8.8EG 8.8
2025-02-06
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-2197MEDIUMCVSS 4.3EG 4.3
2025-04-17
Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability.
CVE-2025-22151LOWCVSS 3.7EG 3.7
2025-01-09
Strawberry GraphQL is a library for creating GraphQL APIs. Starting in 0.182.0 and prior to version 0.257.0, a type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations (Django, SQ…
CVE-2025-22153HIGHCVSS 7.9EG 7.9
2025-01-23
RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior …
CVE-2025-22435CRITICALCVSS 9.8EG 9.8
2025-09-02
In avdt_msg_ind of avdt_msg.cc, there is a possible memory corruption due to type confusion. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploi…
CVE-2025-24129HIGHCVSS 7.5EG 7.5
2025-01-27
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may cause …
CVE-2025-24137HIGHCVSS 8.0EG 8.0
2025-01-27
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3. An attacker on the local network may corrupt proce…
CVE-2025-24213HIGHCVSS 7.8EG 7.8
2025-03-31
This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory …
CVE-2025-24271MEDIUMCVSS 5.4EG 6.2
2025-04-29
An access issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An unauthenticated use…
CVE-2025-25000HIGHCVSS 8.8EG 8.8
2025-04-04
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2025-26496CRITICALCVSS 9.3EG 9.6
2025-08-22
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Deskto…
CVE-2025-27536LOWCVSS 3.3EG 3.3
2025-08-11
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.
CVE-2025-29791HIGHCVSS 7.8EG 7.8
2025-04-08
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-29806MEDIUMCVSS 6.5EG 6.5
2025-03-23
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2025-29867HIGHCVSS 8.5EG 0.0
2026-02-04
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Hancom Inc. Hancom Office 2018, Hancom Inc. Hancom Office 2020, Hancom Inc. Hancom Office 2022, Hancom Inc. Hancom Office 2024 allows File Content Injection.Thi…
CVE-2025-30310HIGHCVSS 7.8EG 7.8
2025-05-13
Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …
CVE-2025-30375HIGHCVSS 7.8EG 7.8
2025-05-13
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30383HIGHCVSS 7.8EG 7.8
2025-05-13
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

← PreviousPage 12 of 15Next →

Map vulnerabilities like CWE-843 to your infrastructure

EchelonGraph correlates every CVE — across CWE-843 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →