|
CWE Number
|
Name
|
Number Of Related Vulnerabilities
|
|
64 |
Windows Shortcut Following (.LNK) |
|
|
641 |
Insufficient Filtering of File and Other Resource Names for Executable Content |
|
|
643 |
Improper Neutralization of Data within XPath Expressions ('XPath injection') |
|
|
644 |
Improper Neutralization of HTTP Headers for Scripting Syntax |
|
|
645 |
Overly Restrictive Account Lockout Mechanism |
|
|
646 |
Reliance on File Name or Extension of Externally-Supplied File |
|
|
647 |
Use of Non-Canonical URL Paths for Authorization Decisions |
|
|
648 |
Incorrect Use of Privileged APIs |
|
|
649 |
Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking |
|
|
65 |
Windows Hard Link |
|
|
650 |
Trusting HTTP Permission Methods on the Server Side |
|
|
651 |
Information Leak through WSDL File |
|
|
652 |
Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') |
|
|
653 |
Insufficient Compartmentalization |
|
|
654 |
Reliance on a Single Factor in a Security Decision |
|
|
655 |
Insufficient Psychological Acceptability |
|
|
656 |
Reliance on Security through Obscurity |
|
|
657 |
Violation of Secure Design Principles |
|
|
66 |
Improper Handling of File Names that Identify Virtual Resources |
|
|
662 |
Insufficient Synchronization |
|
|
663 |
Use of a Non-reentrant Function in an Unsynchronized Context |
|
|
666 |
Operation on Resource in Wrong Phase of Lifetime |
|
|
667 |
Insufficient Locking |
|
|
668 |
Exposure of Resource to Wrong Sphere |
|
|
67 |
Improper Handling of Windows Device Names |
|
|
670 |
Always-Incorrect Control Flow Implementation |
|
|
671 |
Lack of Administrator Control over Security |
|
|
672 |
Operation on a Resource after Expiration or Release |
|
|
673 |
External Influence of Sphere Definition |
|
|
674 |
Uncontrolled Recursion |
|
|
675 |
Duplicate Operations on Resource |
|
|
676 |
Use of Potentially Dangerous Function |
|
|
681 |
Incorrect Conversion between Numeric Types |
|
|
683 |
Function Call With Incorrect Order of Arguments |
|
|
684 |
Failure to Provide Specified Functionality |
|
|
685 |
Function Call With Incorrect Number of Arguments |
|
|
686 |
Function Call With Incorrect Argument Type |
|
|
687 |
Function Call With Incorrectly Specified Argument Value |
|
|
688 |
Function Call With Incorrect Variable or Reference as Argument |
|
|
69 |
Failure to Handle Windows ::DATA Alternate Data Stream |
|
|
691 |
Insufficient Control Flow Management |
|
|
694 |
Use of Multiple Resources with Duplicate Identifier |
|
|
695 |
Use of Low-Level Functionality |
|
|
696 |
Incorrect Behavior Order |
|
|
697 |
Insufficient Comparison |
|
|
698 |
Redirect Without Exit |
|
|
7 |
J2EE Misconfiguration: Missing Custom Error Page |
|
|
703 |
Failure to Handle Exceptional Conditions |
|
|
705 |
Incorrect Control Flow Scoping |
|
|
706 |
Use of Incorrectly-Resolved Name or Reference |
|
