Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-309Use of Password System for Primary Authentication1BaseHigh
CWE-541Inclusion of Sensitive Information in an Include File1Variant-
CWE-370Missing Check for Certificate Revocation after Initial Check1VariantMedium
CWE-188Reliance on Data/Memory Layout1BaseLow
CWE-1366CWE-13661--
CWE-1119Excessive Use of Unconditional Branching1Base-
CWE-553Command Shell in Externally Accessible Directory1Variant-
CWE-663Use of a Non-reentrant Function in a Concurrent Context1Base-
CWE-1310Missing Ability to Patch ROM Code1Base-
CWE-38Path Traversal: '\absolute\pathname\here'1Variant-
CWE-42Path Equivalence: 'filename.' (Trailing Dot)1Variant-
CWE-46Path Equivalence: 'filename ' (Trailing Space)1Variant-
CWE-145Improper Neutralization of Section Delimiters1Variant-
CWE-160Improper Neutralization of Leading Special Elements1Variant-
CWE-162Improper Neutralization of Trailing Special Elements1Variant-
CWE-222Truncation of Security-relevant Information1Base-
CWE-433Unparsed Raw Web Content Delivery1Variant-
CWE-443DEPRECATED: HTTP response splitting1Base-
CWE-469Use of Pointer Subtraction to Determine Size1BaseMedium
CWE-478Missing Default Case in Multiple Condition Expression1Base-
CWE-484Omitted Break Statement in Switch1BaseMedium
CWE-514Covert Channel1Class-
CWE-515Covert Storage Channel1BaseHigh
CWE-533DEPRECATED: Information Exposure Through Server Log Files1Variant-
CWE-637Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism')1Class-