Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-539Use of Persistent Cookies Containing Sensitive Information7Variant-
CWE-480Use of Incorrect Operator7BaseLow
CWE-179Incorrect Behavior Order: Early Validation7Base-
CWE-692Incomplete Denylist to Cross-Site Scripting7Compound-
CWE-82Improper Neutralization of Script in Attributes of IMG Tags in a Web Page7Variant-
CWE-645Overly Restrictive Account Lockout Mechanism7BaseHigh
CWE-298Improper Validation of Certificate Expiration7VariantLow
CWE-97Improper Neutralization of Server-Side Includes (SSI) Within a Web Page7Variant-
CWE-219Storage of File with Sensitive Data Under Web Root6Variant-
CWE-18CWE-186--
CWE-21CWE-216--
CWE-342Predictable Exact Value from Previous Values6Base-
CWE-1335Incorrect Bitwise Shift of Integer6Base-
CWE-37Path Traversal: '/absolute/pathname/here'6Variant-
CWE-65Windows Hard Link6Variant-
CWE-249DEPRECATED: Often Misused: Path Manipulation6Variant-
CWE-628Function Call with Incorrectly Specified Arguments6Base-
CWE-649Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking6BaseHigh
CWE-626Null Byte Interaction Error (Poison Null Byte)6Variant-
CWE-710Improper Adherence to Coding Standards6Pillar-
CWE-368Context Switching Race Condition6Base-
CWE-196Unsigned to Signed Conversion Error6VariantMedium
CWE-408Incorrect Behavior Order: Early Amplification6Base-
CWE-839Numeric Range Comparison Without Minimum Check6Base-
CWE-771Missing Reference to Active Allocated Resource6BaseMedium