|
CWE Number
|
Name
|
Number Of Related Vulnerabilities
|
|
496 |
Public Data Assigned to Private Array-Typed Field |
|
|
498 |
Information Leak through Class Cloning |
|
|
499 |
Serializable Class Containing Sensitive Data |
|
|
5 |
J2EE Misconfiguration: Data Transmission Without Encryption |
|
|
50 |
Path Equivalence: '//multiple/leading/slash' |
|
|
500 |
Public Static Field Not Marked Final |
|
|
501 |
Trust Boundary Violation |
|
|
508 |
Non-Replicating Malicious Code |
|
|
509 |
Replicating Malicious Code (Virus or Worm) |
|
|
51 |
Path Equivalence: '/multiple//internal/slash' |
|
|
510 |
Trapdoor |
|
|
511 |
Logic/Time Bomb |
|
|
512 |
Spyware |
|
|
514 |
Covert Channel |
|
|
515 |
Covert Storage Channel |
|
|
516 |
DEPRECATED (Duplicate): Covert Timing Channel |
|
|
52 |
Path Equivalence: '/multiple/trailing/slash//' |
|
|
520 |
.NET Misconfiguration: Use of Impersonation |
|
|
526 |
Information Leak Through Environmental Variables |
|
|
528 |
Exposure of Core Dump File to an Unauthorized Control Sphere |
|
|
529 |
Exposure of Access Control List Files to an Unauthorized Control Sphere |
|
|
53 |
Path Equivalence: '\multiple\\internal\backslash' |
|
|
530 |
Exposure of Backup File to an Unauthorized Control Sphere |
|
|
531 |
Information Leak Through Test Code |
|
|
533 |
Information Leak Through Server Log Files |
|
|
535 |
Information Leak Through Shell Error Message |
|
|
536 |
Information Leak Through Servlet Runtime Error Message |
|
|
537 |
Information Leak Through Java Runtime Error Message |
|
|
54 |
Path Equivalence: 'filedir\' (Trailing Backslash) |
|
|
541 |
Information Leak Through Include Source Code |
|
|
542 |
Information Leak Through Cleanup Log Files |
|
|
543 |
Use of Singleton Pattern in a Non-thread-safe Manner |
|
|
544 |
Failure to Use a Standardized Error Handling Mechanism |
|
|
545 |
Use of Dynamic Class Loading |
|
|
546 |
Suspicious Comment |
|
|
547 |
Use of Hard-coded, Security-relevant Constants |
|
|
55 |
Path Equivalence: '/./' (Single Dot Directory) |
|
|
550 |
Information Leak Through Server Error Message |
|
|
553 |
Command Shell in Externally Accessible Directory |
|
|
554 |
ASP.NET Misconfiguration: Not Using Input Validation Framework |
|
|
555 |
J2EE Misconfiguration: Plaintext Password in Configuration File |
|
|
556 |
ASP.NET Misconfiguration: Use of Identity Impersonation |
|
|
558 |
Use of getlogin() in Multithreaded Application |
|
|
56 |
Path Equivalence: 'filedir*' (Wildcard) |
|
|
560 |
Use of umask() with chmod-style Argument |
|
|
561 |
Dead Code |
|
|
563 |
Unused Variable |
|
|
564 |
SQL Injection: Hibernate |
|
|
566 |
Access Control Bypass Through User-Controlled SQL Primary Key |
|
|
568 |
finalize() Method Without super.finalize() |
|
