Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-927Use of Implicit Intent for Sensitive Communication18Variant-
CWE-172Encoding Error17Class-
CWE-26Path Traversal: '/dir/../filename'17Variant-
CWE-296Improper Following of a Certificate's Chain of Trust17BaseLow
CWE-1325Improperly Controlled Sequential Memory Allocation17Base-
CWE-911Improper Update of Reference Count17BaseMedium
CWE-180Incorrect Behavior Order: Validate Before Canonicalize17Variant-
CWE-395Use of NullPointerException Catch to Detect NULL Pointer Dereference17Base-
CWE-1394Use of Default Cryptographic Key17Base-
CWE-698Execution After Redirect (EAR)17Base-
CWE-836Use of Password Hash Instead of Password for Authentication16Base-
CWE-642External Control of Critical State Data16ClassHigh
CWE-477Use of Obsolete Function16Base-
CWE-759Use of a One-Way Hash without a Salt16Variant-
CWE-406Insufficient Control of Network Message Volume (Network Amplification)16Class-
CWE-641Improper Restriction of Names for Files and Other Resources16BaseLow
CWE-549Missing Password Field Masking16Base-
CWE-837Improper Enforcement of a Single, Unique Action16Base-
CWE-417CWE-41715--
CWE-341Predictable from Observable State15Base-
CWE-155Improper Neutralization of Wildcards or Matching Symbols15Variant-
CWE-413Improper Resource Locking15Base-
CWE-1260Improper Handling of Overlap Between Protected Memory Ranges15Base-
CWE-351Insufficient Type Distinction15Base-
CWE-475Undefined Behavior for Input to API15Base-