Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-704 (不正确的类型转换) — Vulnerability Class 52

52 vulnerabilities classified as CWE-704 (不正确的类型转换). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-40613 Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64) — coturn 7.5 High2026-04-21
CVE-2026-34379 OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression) — openexr 7.1 High2026-04-06
CVE-2021-4456 Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact — Net::CIDR 9.8 -2026-02-27
CVE-2025-40541 SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability — Serv-U 9.1 Critical2026-02-24
CVE-2025-40540 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability — Serv-U 9.1 Critical2026-02-24
CVE-2025-40539 SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability — Serv-U 9.1 Critical2026-02-24
CVE-2026-25613 An unsafe cast in the MongoDB query planner can result in a segmentation fault. — MongoDB Server 6.5 Medium2026-02-10
CVE-2026-25503 iccDEV Has Type Confusion in CIccTagEmbeddedHeightImage::Validate() — iccDEV 7.1 High2026-02-03
CVE-2026-22041 loggingredactor converts non-string types to string types in logs — loggingredactor 9.1 -2026-01-08
CVE-2025-13720 Google Chrome 安全漏洞 — Chrome 8.8AIHighAI2025-12-02
CVE-2025-62494 Type confusion in string addition in QuickJS — QuickJS 9.8AICriticalAI2025-10-16
CVE-2025-54429 Polkadot Frontier's constructing smart contract can bypass precompile address bounding — frontier 7.5AIHighAI2025-07-28
CVE-2025-41648 Pilz: Authentication Bypass in IndustrialPI Webstatus — IndustrialPI 4 with IndustrialPI webstatus 9.8 Critical2025-07-01
CVE-2025-41646 RevPi Webstatus application is vulnerable to an authentication bypass — Revolution Pi webstatus 9.8 Critical2025-06-06
CVE-2024-43058 Incorrect Type Conversion or Cast in Multimedia Frameworks — Snapdragon 7.8 High2025-04-07
CVE-2025-1057 Keylime: keylime registrar dos due to incompatible database entry handling 4.3 Medium2025-03-15
CVE-2025-20072 Mobile crash via improper validation of proto style in attachments — Mattermost 6.5 Medium2025-01-16
CVE-2025-21088 WebApp crash via improper validation of proto style in attachments — Mattermost 6.5 Medium2025-01-15
CVE-2024-47181 Unaligned memory access in RPL option processing in Contiki-NG — contiki-ng 7.5 High2024-11-27
CVE-2024-39590 OpenPLC 代码问题漏洞 — OpenPLC_v3 7.5 High2024-09-18
CVE-2024-39589 OpenPLC 代码问题漏洞 — OpenPLC_v3 7.5 High2024-09-18
CVE-2024-35303 Siemens Tecnomatix Plant Simulation 代码问题漏洞 — Tecnomatix Plant Simulation V2302 7.8 High2024-06-11
CVE-2024-21478 NULL Pointer Dereference in Graphics — Snapdragon 6.2 Medium2024-06-03
CVE-2024-5436 Type Confusion in Snapchat Lenscore — Snapchat Lenscore 8.8 -2024-05-31
CVE-2024-28130 OFFIS DCMTK 代码问题漏洞 — DCMTK 7.5 High2024-04-23
CVE-2023-33101 Incorrect Type Conversion or Cast in Multi-Mode Call Processor — Snapdragon 7.5 High2024-04-01
CVE-2023-6249 ipm: signed to unsigned conversion problem in esp32_ipm_send — Zephyr 8.0 High2024-02-18
CVE-2023-45204 Siemens Tecnomatix Plant Simulation 代码问题漏洞 — Tecnomatix Plant Simulation V2201 7.8 High2023-10-10
CVE-2023-21651 Incorrect Type Conversion or Cast in Core — Snapdragon 9.3 Critical2023-08-08
CVE-2023-21638 Incorrect Type Conversion or Cast in Video — Snapdragon 6.7 Medium2023-07-04

Vulnerabilities classified as CWE-704 (不正确的类型转换) represent 52 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.