Common Weakness Enumeration

CWE-704

Allowed-with-Review

Incorrect Type Conversion or Cast

Abstraction: Class · Status: Incomplete

The product does not correctly convert an object, resource, or structure from one type to a different type.

334 vulnerabilities reference this CWE, most recent first.

GHSA-MWMX-5RWF-P4X5

Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA events. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6331.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-14311"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-31T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA events. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6331.",
  "id": "GHSA-mwmx-5rwf-p4x5",
  "modified": "2022-05-13T01:34:33Z",
  "published": "2022-05-13T01:34:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14311"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-771"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P2MF-2FFV-9FQX

Vulnerability from github – Published: 2022-11-04 19:01 – Updated: 2022-11-05 12:00
VLAI
Details

A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-41668"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-04T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).",
  "id": "GHSA-p2mf-2ffv-9fqx",
  "modified": "2022-11-05T12:00:20Z",
  "published": "2022-11-04T19:01:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41668"
    },
    {
      "type": "WEB",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2022-284-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P49X-8J2X-FP6M

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record remove method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5376.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9942"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-17T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record remove method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5376.",
  "id": "GHSA-p49x-8j2x-fp6m",
  "modified": "2022-05-13T01:31:39Z",
  "published": "2022-05-13T01:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9942"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-326"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P4Q8-MX85-6FC8

Vulnerability from github – Published: 2025-12-02 21:31 – Updated: 2025-12-02 21:31
VLAI
Details

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13720"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-02T19:15:48Z",
    "severity": "HIGH"
  },
  "details": "Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)",
  "id": "GHSA-p4q8-mx85-6fc8",
  "modified": "2025-12-02T21:31:29Z",
  "published": "2025-12-02T21:31:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13720"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/457818670"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P544-JP84-35WM

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record append method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5375.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9941"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-17T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record append method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5375.",
  "id": "GHSA-p544-jp84-35wm",
  "modified": "2022-05-13T01:31:39Z",
  "published": "2022-05-13T01:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9941"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-325"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P56J-X44H-G66J

Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2023-12-22 15:00
VLAI
Summary
Incorrect Privilege Assignment in Jenkins Script Security Plugin
Details

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.61"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:script-security"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.62"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-10355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-704"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-28T22:57:34Z",
    "nvd_published_at": "2019-07-31T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts.",
  "id": "GHSA-p56j-x44h-g66j",
  "modified": "2023-12-22T15:00:19Z",
  "published": "2022-05-24T16:51:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10355"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/script-security-plugin/commit/5dc2e2465f309c772237a4b2de9caf61ba9b585b"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2594"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2651"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2662"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/script-security-plugin"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Incorrect Privilege Assignment in Jenkins Script Security Plugin"
}

GHSA-P59W-R597-MMWF

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-05-07 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix wrong reg type conversion in release_reference()

Some helper functions will allocate memory. To avoid memory leaks, the verifier requires the eBPF program to release these memories by calling the corresponding helper functions.

When a resource is released, all pointer registers corresponding to the resource should be invalidated. The verifier use release_references() to do this job, by apply __mark_reg_unknown() to each relevant register.

It will give these registers the type of SCALAR_VALUE. A register that will contain a pointer value at runtime, but of type SCALAR_VALUE, which may allow the unprivileged user to get a kernel pointer by storing this register into a map.

Using __mark_reg_not_init() while NOT allow_ptr_leaks can mitigate this problem.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-49873"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:12Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix wrong reg type conversion in release_reference()\n\nSome helper functions will allocate memory. To avoid memory leaks, the\nverifier requires the eBPF program to release these memories by calling\nthe corresponding helper functions.\n\nWhen a resource is released, all pointer registers corresponding to the\nresource should be invalidated. The verifier use release_references() to\ndo this job, by apply  __mark_reg_unknown() to each relevant register.\n\nIt will give these registers the type of SCALAR_VALUE. A register that\nwill contain a pointer value at runtime, but of type SCALAR_VALUE, which\nmay allow the unprivileged user to get a kernel pointer by storing this\nregister into a map.\n\nUsing __mark_reg_not_init() while NOT allow_ptr_leaks can mitigate this\nproblem.",
  "id": "GHSA-p59w-r597-mmwf",
  "modified": "2025-05-07T15:31:25Z",
  "published": "2025-05-01T15:31:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49873"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/466ce46f251dfb259a8cbaa895ab9edd6fb56240"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ae5ccad6c711db0f2ca1231be051935dd128b8f5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cedd4f01f67be94735f15123158f485028571037"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f1db20814af532f85e091231223e5e4818e8464b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P73V-8P65-68F2

Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getTemplate method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6024.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-14261"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-31T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getTemplate method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6024.",
  "id": "GHSA-p73v-8p65-68f2",
  "modified": "2022-05-13T01:34:39Z",
  "published": "2022-05-13T01:34:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14261"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-721"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P7GV-V9MH-P8QF

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31
VLAI
Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of layout elements. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5373.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9939"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-17T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of layout elements. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5373.",
  "id": "GHSA-p7gv-v9mh-p8qf",
  "modified": "2022-05-13T01:31:40Z",
  "published": "2022-05-13T01:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9939"
    },
    {
      "type": "WEB",
      "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-323"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P7RR-MJWC-J7XM

Vulnerability from github – Published: 2022-05-14 04:03 – Updated: 2025-04-20 03:49
VLAI
Details

Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5717"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-704"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-12T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access.",
  "id": "GHSA-p7rr-mjwc-j7xm",
  "modified": "2025-04-20T03:49:49Z",
  "published": "2022-05-14T04:03:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5717"
    },
    {
      "type": "WEB",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095\u0026languageid=en-fr"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/43373"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.