Common Weakness Enumeration (CWE™) is a list of common software and hardware weakness types that have security ramifications. A “weakness” is a condition in a software, firmware, hardware, or service component that, under certain circumstances, could contribute to the introduction of vulnerabilities.
CWE Number Name
CWE-512 Spyware Vulnerabilities
CWE-511 Logic/Time Bomb Vulnerabilities
CWE-510 Trapdoor Vulnerabilities
CWE-509 Replicating Malicious Code (Virus or Worm) Vulnerabilities
CWE-508 Non-Replicating Malicious Code Vulnerabilities
CWE-507 Trojan Horse Vulnerabilities
CWE-506 Embedded Malicious Code Vulnerabilities
CWE-502 Deserialization of Untrusted Data Vulnerabilities
CWE-501 Trust Boundary Violation Vulnerabilities
CWE-500 Public Static Field Not Marked Final Vulnerabilities
CWE-499 Serializable Class Containing Sensitive Data Vulnerabilities
CWE-498 Cloneable Class Containing Sensitive Information Vulnerabilities
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere Vulnerabilities
CWE-496 Public Data Assigned to Private Array-Typed Field Vulnerabilities
CWE-495 Private Data Structure Returned From A Public Method Vulnerabilities
CWE-494 Download of Code Without Integrity Check Vulnerabilities
CWE-493 Critical Public Variable Without Final Modifier Vulnerabilities
CWE-492 Use of Inner Class Containing Sensitive Data Vulnerabilities
CWE-491 Public cloneable() Method Without Final ('Object Hijack') Vulnerabilities
CWE-489 Active Debug Code Vulnerabilities
CWE-488 Exposure of Data Element to Wrong Session Vulnerabilities
CWE-487 Reliance on Package-level Scope Vulnerabilities
CWE-486 Comparison of Classes by Name Vulnerabilities
CWE-484 Omitted Break Statement in Switch Vulnerabilities
CWE-483 Incorrect Block Delimitation Vulnerabilities
CWE-482 Comparing instead of Assigning Vulnerabilities
CWE-481 Assigning instead of Comparing Vulnerabilities
CWE-480 Use of Incorrect Operator Vulnerabilities
CWE-479 Signal Handler Use of a Non-reentrant Function Vulnerabilities
CWE-478 Missing Default Case in Multiple Condition Expression Vulnerabilities
CWE-477 Use of Obsolete Function Vulnerabilities
CWE-476 NULL Pointer Dereference Vulnerabilities
CWE-475 Undefined Behavior for Input to API Vulnerabilities
CWE-474 Use of Function with Inconsistent Implementations Vulnerabilities
CWE-473 PHP External Variable Modification Vulnerabilities
CWE-472 External Control of Assumed-Immutable Web Parameter Vulnerabilities
CWE-471 Modification of Assumed-Immutable Data (MAID) Vulnerabilities
CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') Vulnerabilities
CWE-469 Use of Pointer Subtraction to Determine Size Vulnerabilities
CWE-468 Incorrect Pointer Scaling Vulnerabilities
CWE-467 Use of sizeof() on a Pointer Type Vulnerabilities
CWE-466 Return of Pointer Value Outside of Expected Range Vulnerabilities
CWE-464 Addition of Data Structure Sentinel Vulnerabilities
CWE-463 Deletion of Data Structure Sentinel Vulnerabilities
CWE-462 Duplicate Key in Associative List (Alist) Vulnerabilities
CWE-460 Improper Cleanup on Thrown Exception Vulnerabilities
CWE-459 Incomplete Cleanup Vulnerabilities
CWE-457 Use of Uninitialized Variable Vulnerabilities
CWE-456 Missing Initialization of a Variable Vulnerabilities
CWE-455 Non-exit on Failed Initialization Vulnerabilities
Found 668 CWE definitions
1 2 3 4 5 6 7 8 9 10 11 12 13 14
Please note that CWE definitions are provided as a quick reference only. Visit http://cwe.mitre.org/ for a complete list of CWE entries and for more details.
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!