CWE Number
|
Name
|
Number Of Related Vulnerabilities
|
182 |
Collapse of Data Into Unsafe Value |
|
186 |
Overly Restrictive Regular Expression |
|
188 |
Reliance on Data/Memory Layout |
|
197 |
Numeric Truncation Error |
|
198 |
Use of Incorrect Byte Ordering |
|
205 |
Information Exposure Through Behavioral Discrepancy |
|
206 |
Internal Behavioral Inconsistency Information Leak |
|
207 |
Information Exposure Through an External Behavioral Inconsistency |
|
210 |
Product-Generated Error Message Information Leak |
|
211 |
Product-External Error Message Information Leak |
|
215 |
Information Leak Through Debug Information |
|
217 |
DEPRECATED: Failure to Protect Stored Data from Modification |
|
218 |
DEPRECATED (Duplicate): Failure to provide confidentiality for stored data |
|
219 |
Sensitive Data Under Web Root |
|
220 |
Sensitive Data Under FTP Root |
|
221 |
Information Loss or Omission |
|
222 |
Truncation of Security-relevant Information |
|
223 |
Omission of Security-relevant Information |
|
224 |
Obscured Security-relevant Information by Alternate Name |
|
225 |
DEPRECATED (Duplicate): General Information Management Problems |
|
226 |
Sensitive Information Uncleared Before Release |
|
227 |
Failure to Fulfill API Contract ('API Abuse') |
|
230 |
Improper Handling of Missing Values |
|
231 |
Improper Handling of Extra Values |
|
232 |
Improper Handling of Undefined Values |
|
234 |
Failure to Handle Missing Parameter |
|
236 |
Improper Handling of Undefined Parameters |
|
237 |
Improper Handling of Structural Elements |
|
238 |
Improper Handling of Incomplete Structural Elements |
|
239 |
Failure to Handle Incomplete Element |
|
243 |
Failure to Change Working Directory in chroot Jail |
|
244 |
Failure to Clear Heap Memory Before Release ('Heap Inspection') |
|
245 |
J2EE Bad Practices: Direct Management of Connections |
|
246 |
J2EE Bad Practices: Direct Use of Sockets |
|
247 |
Reliance on DNS Lookups in a Security Decision |
|
249 |
DEPRECATED: Often Misused: Path Manipulation |
|
25 |
Path Traversal: '/../filedir' |
|
253 |
Incorrect Check of Function Return Value |
|
258 |
Empty Password in Configuration File |
|
260 |
Password in Configuration File |
|
262 |
Not Using Password Aging |
|
263 |
Password Aging with Long Expiration |
|
27 |
Path Traversal: 'dir/../../filename' |
|
272 |
Least Privilege Violation |
|
278 |
Insecure Preserved Inherited Permissions |
|
28 |
Path Traversal: '..\filedir' |
|
282 |
Improper Ownership Management |
|
289 |
Authentication Bypass by Alternate Name |
|
292 |
Trusting Self-reported DNS Name |
|
293 |
Using Referer Field for Authentication |
|