|
CWE Number
|
Name
|
Number Of Related Vulnerabilities
|
|
620 |
Unverified Password Change |
|
|
621 |
Variable Extraction Error |
|
|
622 |
Unvalidated Function Hook Arguments |
|
|
623 |
Unsafe ActiveX Control Marked Safe For Scripting |
|
|
624 |
Executable Regular Expression Error |
|
|
625 |
Permissive Regular Expression |
|
|
626 |
Null Byte Interaction Error (Poison Null Byte) |
|
|
627 |
Dynamic Variable Evaluation |
|
|
628 |
Function Call with Incorrectly Specified Arguments |
|
|
636 |
Not Failing Securely ('Failing Open') |
|
|
637 |
Failure to Use Economy of Mechanism |
|
|
638 |
Failure to Use Complete Mediation |
|
|
64 |
Windows Shortcut Following (.LNK) |
|
|
641 |
Insufficient Filtering of File and Other Resource Names for Executable Content |
|
|
643 |
Improper Neutralization of Data within XPath Expressions ('XPath injection') |
|
|
644 |
Improper Neutralization of HTTP Headers for Scripting Syntax |
|
|
645 |
Overly Restrictive Account Lockout Mechanism |
|
|
646 |
Reliance on File Name or Extension of Externally-Supplied File |
|
|
647 |
Use of Non-Canonical URL Paths for Authorization Decisions |
|
|
648 |
Incorrect Use of Privileged APIs |
|
|
649 |
Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking |
|
|
65 |
Windows Hard Link |
|
|
650 |
Trusting HTTP Permission Methods on the Server Side |
|
|
651 |
Information Leak through WSDL File |
|
|
652 |
Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') |
|
|
653 |
Insufficient Compartmentalization |
|
|
654 |
Reliance on a Single Factor in a Security Decision |
|
|
655 |
Insufficient Psychological Acceptability |
|
|
656 |
Reliance on Security through Obscurity |
|
|
657 |
Violation of Secure Design Principles |
|
|
66 |
Improper Handling of File Names that Identify Virtual Resources |
|
|
662 |
Insufficient Synchronization |
|
|
663 |
Use of a Non-reentrant Function in an Unsynchronized Context |
|
|
666 |
Operation on Resource in Wrong Phase of Lifetime |
|
|
667 |
Insufficient Locking |
|
|
67 |
Improper Handling of Windows Device Names |
|
|
671 |
Lack of Administrator Control over Security |
|
|
673 |
External Influence of Sphere Definition |
|
|
675 |
Duplicate Operations on Resource |
|
|
676 |
Use of Potentially Dangerous Function |
|
|
683 |
Function Call With Incorrect Order of Arguments |
|
|
684 |
Failure to Provide Specified Functionality |
|
|
685 |
Function Call With Incorrect Number of Arguments |
|
|
686 |
Function Call With Incorrect Argument Type |
|
|
687 |
Function Call With Incorrectly Specified Argument Value |
|
|
688 |
Function Call With Incorrect Variable or Reference as Argument |
|
|
69 |
Failure to Handle Windows ::DATA Alternate Data Stream |
|
|
691 |
Insufficient Control Flow Management |
|
|
694 |
Use of Multiple Resources with Duplicate Identifier |
|
|
695 |
Use of Low-Level Functionality |
|
