Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-804Guessable CAPTCHA15Base-
CWE-1259Improper Restriction of Security Token Assignment15Base-
CWE-1386Insecure Operation on Windows Junction / Mount Point15Base-
CWE-394Unexpected Status Code or Return Value14Base-
CWE-1050Excessive Platform Resource Consumption within a Loop14Base-
CWE-599Missing Validation of OpenSSL Certificate14Variant-
CWE-790Improper Filtering of Special Elements14Class-
CWE-820Missing Synchronization14Base-
CWE-449The UI Performs the Wrong Action14Base-
CWE-1242Inclusion of Undocumented Features or Chicken Bits14Base-
CWE-838Inappropriate Encoding for Output Context13Base-
CWE-329Generation of Predictable IV with CBC Mode13VariantMedium
CWE-138Improper Neutralization of Special Elements13Class-
CWE-159Improper Handling of Invalid Use of Special Elements13Class-
CWE-334Small Space of Random Values13Base-
CWE-337Predictable Seed in Pseudo-Random Number Generator (PRNG)13Variant-
CWE-474Use of Function with Inconsistent Implementations13Base-
CWE-643Improper Neutralization of Data within XPath Expressions ('XPath Injection')13BaseHigh
CWE-821Incorrect Synchronization13Base-
CWE-1263Improper Physical Access Control13Class-
CWE-392Missing Report of Error Condition12Base-
CWE-177Improper Handling of URL Encoding (Hex Encoding)12Variant-
CWE-419Unprotected Primary Channel12Base-
CWE-271Privilege Dropping / Lowering Errors12ClassHigh
CWE-1244Internal Asset Exposed to Unsafe Debug Access Level or State12Base-