CWE-843 · Access of Resource Using Incompatible Type (Type Confusion)

803 CVEs classified under CWE-843 (Access of Resource Using Incompatible Type (Type Confusion)). Browse by severity and year.

Top CVEs for CWE-843
CVESeverityScorePublishedSummary
CVE-2021-33970Critical10.02023-04-19Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.
CVE-2023-22579Critical9.92023-02-16Due to improper parameter filtering in the sequalize js library, can a attacker peform injection.
CVE-2026-43038Critical9.82026-05-01In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: …
CVE-2026-43037Critical9.82026-05-01In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. …
CVE-2025-70023Critical9.82026-04-14An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6.
CVE-2026-33937Critical9.82026-03-27Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, `Handlebars.compile()` accepts a pre-parsed AST…
CVE-2026-4702Critical9.82026-03-24JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4698Critical9.82026-03-24JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149…
CVE-2026-2796Critical9.82026-02-24JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
CVE-2026-21854Critical9.82026-01-07The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows…
CVE-2025-65570Critical9.82025-12-29A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP_NEXT opcode. When an “instanceof” expression uses an array element acces…
CVE-2025-14330Critical9.82025-12-09JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 14…
CVE-2025-47151Critical9.82025-11-05A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML res…
CVE-2025-10585Critical9.82025-09-24Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromi…
CVE-2025-22435Critical9.82025-09-02In avdt_msg_ind of avdt_msg.cc, there is a possible memory corruption due to type confusion. This could lead to paired device escalation of privilege with no a…
CVE-2024-43498Critical9.82024-11-12.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-7825Critical9.82024-10-03Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll m…
CVE-2024-7824Critical9.82024-10-03Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll m…
CVE-2024-8385Critical9.82024-09-03A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability af…
CVE-2024-8381Critical9.82024-09-03A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerabili…