Common Weakness Enumeration (CWE)

1,006 CWEs

CWENameCVEsAbstractionLikelihoodDetails
CWE-464Addition of Data Structure Sentinel0BaseHigh
CWE-481Assigning instead of Comparing0VariantLow
CWE-483Incorrect Block Delimitation0BaseLow
CWE-486Comparison of Classes by Name0VariantHigh
CWE-487Reliance on Package-level Scope0BaseMedium
CWE-492Use of Inner Class Containing Sensitive Data0VariantMedium
CWE-493Critical Public Variable Without Final Modifier0VariantHigh
CWE-496Public Data Assigned to Private Array-Typed Field0Variant-
CWE-498Cloneable Class Containing Sensitive Information0VariantMedium
CWE-500Public Static Field Not Marked Final0VariantHigh
CWE-510Trapdoor0Base-
CWE-512Spyware0Base-
CWE-516DEPRECATED: Covert Timing Channel0Base-
CWE-536Servlet Runtime Error Message Containing Sensitive Information0Variant-
CWE-537Java Runtime Error Message Containing Sensitive Information0Variant-
CWE-542DEPRECATED: Information Exposure Through Cleanup Log Files0Variant-
CWE-543Use of Singleton Pattern Without Synchronization in a Multithreaded Context0Variant-
CWE-545DEPRECATED: Use of Dynamic Class Loading0Variant-
CWE-546Suspicious Comment0Variant-
CWE-554ASP.NET Misconfiguration: Not Using Input Validation Framework0Variant-
CWE-558Use of getlogin() in Multithreaded Application0Variant-
CWE-560Use of umask() with chmod-style Argument0Variant-
CWE-568finalize() Method Without super.finalize()0Variant-
CWE-572Call to Thread run() instead of start()0Variant-
CWE-574EJB Bad Practices: Use of Synchronization Primitives0Variant-