Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-625Permissive Regular Expression10Base-
CWE-363Race Condition Enabling Link Following10Base-
CWE-258Empty Password in Configuration File10VariantHigh
CWE-299Improper Check for Certificate Revocation10BaseMedium
CWE-694Use of Multiple Resources with Duplicate Identifier10Base-
CWE-646Reliance on File Name or Extension of Externally-Supplied File10VariantHigh
CWE-1299Missing Protection Mechanism for Alternate Hardware Interface10Base-
CWE-842Placement of User into Incorrect Group10Base-
CWE-1262Improper Access Control for Register Interface10Base-
CWE-291Reliance on IP Address for Authentication10VariantHigh
CWE-86Improper Neutralization of Invalid Characters in Identifiers in Web Pages10Variant-
CWE-14Compiler Removal of Code to Clear Buffers10Variant-
CWE-826Premature Release of Resource During Expected Lifetime10Base-
CWE-564SQL Injection: Hibernate10Variant-
CWE-1241Use of Predictable Algorithm in Random Number Generator9Base-
CWE-561Dead Code9Base-
CWE-941Incorrectly Specified Destination in a Communication Channel9Base-
CWE-733Compiler Optimization Removal or Modification of Security-critical Code9Base-
CWE-372Incomplete Internal State Distinction9Base-
CWE-64Windows Shortcut Following (.LNK)9VariantLow
CWE-81Improper Neutralization of Script in an Error Message Web Page9Variant-
CWE-141Improper Neutralization of Parameter/Argument Delimiters9Variant-
CWE-786Access of Memory Location Before Start of Buffer9Base-
CWE-921Storage of Sensitive Data in a Mechanism without Access Control9Base-
CWE-676Use of Potentially Dangerous Function9BaseHigh