Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-830Inclusion of Web Functionality from an Untrusted Source12Variant-
CWE-1022Use of Web Link to Untrusted Target with window.opener Access12VariantMedium
CWE-1023Incomplete Comparison with Missing Factors12Class-
CWE-1258Exposure of Sensitive System Information Due to Uncleared Debug Information12Base-
CWE-25Path Traversal: '/../filedir'12Variant-
CWE-76Improper Neutralization of Equivalent Special Elements12BaseHigh
CWE-230Improper Handling of Missing Values12Variant-
CWE-308Use of Single-factor Authentication12BaseHigh
CWE-701CWE-70112--
CWE-762Mismatched Memory Management Routines12VariantLow
CWE-530Exposure of Backup File to an Unauthorized Control Sphere12Variant-
CWE-547Use of Hard-coded, Security-relevant Constants11Base-
CWE-656Reliance on Security Through Obscurity11Class-
CWE-265CWE-26511--
CWE-232Improper Handling of Undefined Values11Variant-
CWE-612Improper Authorization of Index Containing Sensitive Information11Base-
CWE-187Partial String Comparison11Variant-
CWE-650Trusting HTTP Permission Methods on the Server Side11VariantHigh
CWE-31Path Traversal: 'dir\..\..\filename'11Variant-
CWE-1025Comparison Using Wrong Factors11Base-
CWE-1341Multiple Releases of Same Resource or Handle11Base-
CWE-393Return of Wrong Status Code10Base-
CWE-332Insufficient Entropy in PRNG10VariantMedium
CWE-242Use of Inherently Dangerous Function10BaseHigh
CWE-760Use of a One-Way Hash with a Predictable Salt10Variant-