| CWE Number | Name | Number Of Related Vulnerabilities |
|---|---|---|
| 785 | Use of Path Manipulation Function without Maximum-sized Buffer | |
| 784 | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
| 783 | Operator Precedence Logic Error | |
| 782 | Exposed IOCTL with Insufficient Access Control | |
| 781 | Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code | |
| 780 | Use of RSA Algorithm without OAEP | |
| 779 | Logging of Excessive Data | |
| 778 | Insufficient Logging | |
| 777 | Regular Expression without Anchors | |
| 776 | Unrestricted Recursive Entity References in DTDs ('XML Bomb') | |
| 775 | Missing Release of File Descriptor or Handle after Effective Lifetime | |
| 774 | Allocation of File Descriptors or Handles Without Limits or Throttling | |
| 773 | Missing Reference to Active File Descriptor or Handle | |
| 772 | Missing Release of Resource after Effective Lifetime | |
| 771 | Missing Reference to Active Allocated Resource | |
| 770 | Allocation of Resources Without Limits or Throttling | |
| 77 | Improper Sanitization of Special Elements used in a Command ('Command Injection') | |
| 768 | Incorrect Short Circuit Evaluation | |
| 767 | Access to Critical Private Variable via Public Method | |
| 766 | Critical Variable Declared Public | |
| 765 | Multiple Unlocks of a Critical Resource | |
| 764 | Multiple Locks of a Critical Resource | |
| 763 | Release of Invalid Pointer or Reference | |
| 762 | Mismatched Memory Management Routines | |
| 761 | Free of Pointer not at Start of Buffer | |
| 760 | Use of a One-Way Hash with a Predictable Salt | |
| 76 | Failure to Resolve Equivalent Special Elements into a Different Plane | |
| 759 | Use of a One-Way Hash without a Salt | |
| 758 | Reliance on Undefined, Unspecified, or Implementation-Defined Behavior | |
| 757 | Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') | |
| 756 | Missing Custom Error Page | |
| 755 | Improper Handling of Exceptional Conditions | |
| 754 | Improper Check for Unusual or Exceptional Conditions | |
| 75 | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) | |
| 749 | Exposed Dangerous Method or Function | |
| 74 | Failure to Sanitize Data into a Different Plane ('Injection') | |
| 733 | Compiler Optimization Removal or Modification of Security-critical Code | |
| 732 | Incorrect Permission Assignment for Critical Resource | |
| 73 | External Control of File Name or Path | |
| 72 | Improper Handling of Apple HFS+ Alternate Data Stream Path | |
| 710 | Coding Standards Violation | |
| 71 | Apple '.DS_Store' | |
| 708 | Incorrect Ownership Assignment | |
| 707 | Improper Enforcement of Message or Data Structure | |
| 706 | Use of Incorrectly-Resolved Name or Reference | |
| 705 | Incorrect Control Flow Scoping | |
| 704 | Incorrect Type Conversion or Cast | |
| 703 | Failure to Handle Exceptional Conditions | |
| 7 | J2EE Misconfiguration: Missing Custom Error Page | |
| 698 | Redirect Without Exit | |