CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   

CWE Definitions

Sort Results By : CWE Number   Vulnerability Count
Select   Select&Copy
CWE Number Name Number Of Related Vulnerabilities
76 Failure to Resolve Equivalent Special Elements into a Different Plane 2
760 Use of a One-Way Hash with a Predictable Salt 2
778 Insufficient Logging 2
807 Reliance on Untrusted Inputs in a Security Decision 2
114 Process Control 1
138 Improper Neutralization of Special Elements 1
141 Improper Neutralization of Parameter/Argument Delimiters 1
146 Improper Neutralization of Expression/Command Delimiters 1
15 External Control of System or Configuration Setting 1
150 Improper Neutralization of Escape, Meta, or Control Sequences 1
167 Improper Handling of Additional Special Element 1
183 Permissive Whitelist 1
187 Partial Comparison 1
195 Signed to Unsigned Conversion Error 1
196 Unsigned to Signed Conversion Error 1
213 Intended Information Leak 1
214 Process Environment Information Leak 1
216 Containment Errors (Container Errors) 1
229 Improper Handling of Values 1
233 Parameter Problems 1
235 Improper Handling of Extra Parameters 1
24 Path Traversal: '../filedir' 1
242 Use of Inherently Dangerous Function 1
26 Path Traversal: '/dir/../filename' 1
260 Password in Configuration File 1
261 Weak Cryptography for Passwords 1
270 Privilege Context Switching Error 1
271 Privilege Dropping / Lowering Errors 1
274 Improper Handling of Insufficient Privileges 1
277 Insecure Inherited Permissions 1
279 Incorrect Execution-Assigned Permissions 1
283 Unverified Ownership 1
286 Incorrect User Management 1
296 Improper Following of Chain of Trust for Certificate Validation 1
299 Improper Check for Certificate Revocation 1
315 Plaintext Storage in a Cookie 1
316 Plaintext Storage in Memory 1
317 Plaintext Storage in GUI 1
322 Key Exchange without Entity Authentication 1
323 Reusing a Nonce, Key Pair in Encryption 1
324 Use of a Key Past its Expiration Date 1
325 Missing Required Cryptographic Step 1
328 Reversible One-Way Hash 1
334 Small Space of Random Values 1
337 Predictable Seed in PRNG 1
341 Predictable from Observable State 1
35 Path Traversal: '.../...//' 1
356 Product UI does not Warn User of Unsafe Actions 1
363 Race Condition Enabling Link Following 1
364 Signal Handler Race Condition 1
Total number of cwe definitions : 668   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14
The CWE definitions are only provided as a quick reference.They are not complete and may not be up to date!
You must visit http://cwe.mitre.org/ for a complete list of CWE entries and for more details.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.