| CWE Number | Name | Number Of Related Vulnerabilities |
|---|---|---|
| 640 | Weak Password Recovery Mechanism for Forgotten Password | |
| 64 | Windows Shortcut Following (.LNK) | |
| 639 | Access Control Bypass Through User-Controlled Key | |
| 638 | Failure to Use Complete Mediation | |
| 637 | Failure to Use Economy of Mechanism | |
| 636 | Not Failing Securely ('Failing Open') | |
| 628 | Function Call with Incorrectly Specified Arguments | |
| 627 | Dynamic Variable Evaluation | |
| 626 | Null Byte Interaction Error (Poison Null Byte) | |
| 625 | Permissive Regular Expression | |
| 624 | Executable Regular Expression Error | |
| 623 | Unsafe ActiveX Control Marked Safe For Scripting | |
| 622 | Unvalidated Function Hook Arguments | |
| 621 | Variable Extraction Error | |
| 620 | Unverified Password Change | |
| 62 | UNIX Hard Link | |
| 619 | Dangling Database Cursor ('Cursor Injection') | |
| 618 | Exposed Unsafe ActiveX Method | |
| 617 | Reachable Assertion | |
| 616 | Incomplete Identification of Uploaded File Variables (PHP) | |
| 615 | Information Leak Through Comments | |
| 614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | |
| 613 | Insufficient Session Expiration | |
| 612 | Information Leak Through Indexing of Private Data | |
| 611 | Information Leak Through XML External Entity File Disclosure | |
| 610 | Externally Controlled Reference to a Resource in Another Sphere | |
| 609 | Double-Checked Locking | |
| 608 | Struts: Non-private Field in ActionForm Class | |
| 607 | Public Static Final Field References Mutable Object | |
| 606 | Unchecked Input for Loop Condition | |
| 605 | Multiple Binds to the Same Port | |
| 603 | Use of Client-Side Authentication | |
| 602 | Client-Side Enforcement of Server-Side Security | |
| 601 | URL Redirection to Untrusted Site ('Open Redirect') | |
| 600 | Failure to Catch All Exceptions in Servlet | |
| 6 | J2EE Misconfiguration: Insufficient Session-ID Length | |
| 599 | Trust of OpenSSL Certificate Without Validation | |
| 598 | Information Leak Through Query Strings in GET Request | |
| 597 | Use of Wrong Operator in String Comparison | |
| 596 | Incorrect Semantic Object Comparison | |
| 595 | Comparison of Object References Instead of Object Contents | |
| 594 | J2EE Framework: Saving Unserializable Objects to Disk | |
| 593 | Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created | |
| 592 | Authentication Bypass Issues | |
| 591 | Sensitive Data Storage in Improperly Locked Memory | |
| 590 | Free of Memory not on the Heap | |
| 589 | Call to Non-ubiquitous API | |
| 588 | Attempt to Access Child of a Non-structure Pointer | |
| 587 | Assignment of a Fixed Address to a Pointer | |
| 586 | Explicit Call to Finalize() | |