CWE-351 - Insufficient Type Distinction
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Insufficient Type Distinction
Description
The product does not properly distinguish between different types of elements in a way that leads to insecure behavior.
Common Consequences
Scope: Other
Impact: Other
Related Weaknesses
Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders
Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks
North Korean hackers adopt ClickFix attacks to target crypto firms
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
Microsoft tests new Windows 11 tool to remotely fix boot crashes
New Crocodilus malware steals Android users’ crypto wallet keys
Microsoft's killing script used to avoid Microsoft Account in Windows 11
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
MediumCSP: Wildcard Directive
InformationalInformation Disclosure - Sensitive Information in HTTP Referrer Header
InformationalCross Site Scripting (Persistent) - Prime
MediumRelative Path Confusion
MediumFormat String Error
InformationalSec-Fetch-Mode Header Has an Invalid Value
InformationalVerification Request Identified
MediumJWT Scan Rule