[go: up one dir, main page]
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CWEs

CWE Name
CWE-ID
Vulnerabilities
Incorrectly Specified Destination in a Communication Channel9416
Permissive Cross-domain Policy with Untrusted Domains94264
Improper Neutralization of Special Elements in Data Query Logic94324
Sensitive Cookie Without 'HttpOnly' Flag100429
Insufficient Visual Distinction of Homoglyphs Presented to User10074
Improper Restriction of Rendered UI Layers or Frames1021390
Use of Web Link to Untrusted Target with window.opener Access102212
Incomplete Comparison with Missing Factors10235
Comparison of Incompatible Types10242
Comparison Using Wrong Factors10259
Processor Optimization Removal or Modification of Security-critical Code10375
Insecure Automated Optimizations10386
Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations10393
Use of Redundant Code10410
Static Member Data Element outside of a Singleton Class Element10420
Data Element Aggregating an Excessively Large Number of Non-Primitive Elements10430
Architecture with Number of Horizontal Layers Outside of Expected Range10440
Parent Class with a Virtual Destructor and a Child Class without a Virtual Destructor10450
Creation of Immutable Text Using String Concatenation10461
Modules with Circular Dependencies10471
Invokable Control Element with Large Number of Outward Calls10480
Excessive Data Query Operations in a Large Data Table10493
Excessive Platform Resource Consumption within a Loop105014
Initialization with Hard-Coded Network Resource Configuration Data10511
Excessive Use of Hard-Coded Literals in Initialization10521
Missing Documentation for Design10530
Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer10540
Multiple Inheritance from Concrete Classes10551
Invokable Control Element with Variadic Parameters10561
Data Access Operations Outside of Expected Data Manager Component10571
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element10580
Insufficient Technical Documentation10592
Excessive Number of Inefficient Server-Side Data Accesses10600
Insufficient Encapsulation10610
Parent Class with References to Child Class10620
Creation of Class Instance within a Static Code Block10630
Invokable Control Element with Signature Containing an Excessive Number of Parameters10640
Runtime Resource Management Control Element in a Component Built to Run on Application Servers10650
Missing Serialization Control Element10660
Excessive Execution of Sequential Searches of Data Resource10671
Inconsistency Between Implementation and Documented Design10685
Empty Exception Block10690
Serializable Data Element Containing non-Serializable Item Elements10700
Empty Code Block10710
Data Resource Access without Use of Connection Pooling10720
Non-SQL Invokable Control Element with Excessive Number of Data Resource Accesses10730
Class with Excessively Deep Inheritance10740
Unconditional Control Flow Transfer outside of Switch Block10750
Insufficient Adherence to Expected Conventions10762
Floating Point Comparison with Incorrect Operator10775
Inappropriate Source Code Style or Formatting10780
Parent Class without Virtual Destructor Method10790
Source Code File with Excessive Number of Lines of Code10800
Class Instance Self Destruction Control Element10820
Data Access from Outside Expected Data Manager Component10831
Invokable Control Element with Excessive File or Data Access Operations10840
Invokable Control Element with Excessive Volume of Commented-out Code10850
Class with Excessive Number of Child Classes10860
Class with Virtual Method without a Virtual Destructor10870
Synchronous Access of Remote Resource without Timeout10885
Large Data Table with Excessive Number of Indices10890
Method Containing Access of a Member Element from Another Class10900
Use of Object without Invoking Destructor Method10910
Use of Same Invokable Control Element in Multiple Architectural Layers10920
Excessively Complex Data Representation10930
Excessive Index Range Scan for a Data Resource10940
Loop Condition Value Update within the Loop10950
Singleton Class Instance Creation without Proper Locking or Synchronization10960
Persistent Storable Data Element without Associated Comparison Control Element10970
Data Element containing Pointer Item without Proper Copy Control Element10980
Inconsistent Naming Conventions for Identifiers10990
Insufficient Isolation of System-Dependent Functions11003
Reliance on Runtime Component in Generated Code11010
Reliance on Machine-Dependent Data Representation11021
Use of Platform-Dependent Third Party Components11032
Use of Unmaintained Third Party Components110420
Insufficient Encapsulation of Machine-Dependent Functionality11050
Insufficient Use of Symbolic Constants11061
Insufficient Isolation of Symbolic Constant Definitions11072
Excessive Reliance on Global Variables11083
Use of Same Variable for Multiple Purposes11090
Incomplete Design Documentation11100
Incomplete I/O Documentation11110
Incomplete Documentation of Program Execution11121
Inappropriate Comment Style11130
Inappropriate Whitespace Style11140
Source Code Element without Standard Prologue11150
Inaccurate Comments11164
Callable with Insufficient Behavioral Summary11170
Insufficient Documentation of Error Handling Techniques11181
Excessive Use of Unconditional Branching11191
Excessive Code Complexity11200
Excessive McCabe Cyclomatic Complexity11210
Excessive Halstead Complexity11220
Excessive Use of Self-Modifying Code11230
Excessively Deep Nesting11240
Excessive Attack Surface11255
Declaration of Variable with Unnecessarily Wide Scope11260
Compilation with Insufficient Warnings or Errors11272
Irrelevant Code11641