Vulnerabilities > Incorrect Type Conversion or Cast

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-1027 Incorrect Type Conversion or Cast vulnerability in Google Android 12.0
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a privileged process due to improper casting.
local
low complexity
google CWE-704
4.6
2021-12-08 CVE-2021-43537 Incorrect Type Conversion or Cast vulnerability in multiple products
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash.
network
low complexity
mozilla debian CWE-704
8.8
2021-09-08 CVE-2021-1923 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT
local
low complexity
qualcomm CWE-704
4.6
2021-08-27 CVE-2021-39173 Incorrect Type Conversion or Cast vulnerability in Catchethq Catchet
Cachet is an open source status page system.
network
low complexity
catchethq CWE-704
8.8
2021-04-06 CVE-2021-29424 Incorrect Type Conversion or Cast vulnerability in multiple products
The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
network
low complexity
net fedoraproject CWE-704
7.5
2021-04-01 CVE-2021-28918 Incorrect Type Conversion or Cast vulnerability in Netmask Project Netmask
Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages.
network
low complexity
netmask-project CWE-704
critical
9.1
2021-03-31 CVE-2021-29662 Incorrect Type Conversion or Cast vulnerability in multiple products
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
network
low complexity
data netapp CWE-704
7.5
2021-01-18 CVE-2021-25175 Incorrect Type Conversion or Cast vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11.
6.8
2020-10-14 CVE-2019-2194 Incorrect Type Conversion or Cast vulnerability in Google Android 9.0
In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting.
local
low complexity
google CWE-704
4.6
2020-09-14 CVE-2020-25576 Incorrect Type Conversion or Cast vulnerability in Rand Project Rand
An issue was discovered in the rand_core crate before 0.4.2 for Rust.
network
low complexity
rand-project CWE-704
7.5