CWEs

| CWE Name | CWE-ID | Vulnerabilities |
|---|---|---|
| J2EE Misconfiguration: Data Transmission Without Encryption | 5 | 2 |
| J2EE Misconfiguration: Insufficient Session-ID Length | 6 | 1 |
| J2EE Misconfiguration: Missing Custom Error Page | 7 | 0 |
| J2EE Misconfiguration: Entity Bean Declared Remote | 8 | 0 |
| J2EE Misconfiguration: Weak Access Permissions for EJB Methods | 9 | 0 |
| ASP.NET Misconfiguration: Creating Debug Binary | 11 | 2 |
| ASP.NET Misconfiguration: Missing Custom Error Page | 12 | 1 |
| ASP.NET Misconfiguration: Password in Configuration File | 13 | 0 |
| Compiler Removal of Code to Clear Buffers | 14 | 0 |
| External Control of System or Configuration Setting | 15 | 52 |
| Improper Input Validation | 20 | 12473 |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 22 | 8253 |
| Relative Path Traversal | 23 | 353 |
| Path Traversal: '../filedir' | 24 | 100 |
| Path Traversal: '/../filedir' | 25 | 13 |
| Path Traversal: '/dir/../filename' | 26 | 16 |
| Path Traversal: 'dir/../../filename' | 27 | 20 |
| Path Traversal: '..\filedir' | 28 | 2 |
| Path Traversal: '\..\filename' | 29 | 60 |
| Path Traversal: '\dir\..\filename' | 30 | 1 |
| Path Traversal: 'dir\..\..\filename' | 31 | 11 |
| Path Traversal: '...' (Triple Dot) | 32 | 2 |
| Path Traversal: '....' (Multiple Dot) | 33 | 0 |
| Path Traversal: '....//' | 34 | 1 |
| Path Traversal: '.../...//' | 35 | 147 |
| Absolute Path Traversal | 36 | 109 |
| Path Traversal: '/absolute/pathname/here' | 37 | 4 |
| Path Traversal: '\absolute\pathname\here' | 38 | 0 |
| Path Traversal: 'C:dirname' | 39 | 1 |
| Path Traversal: '\\UNC\share\name\' (Windows UNC Share) | 40 | 3 |
| Improper Resolution of Path Equivalence | 41 | 22 |
| Path Equivalence: 'filename.' (Trailing Dot) | 42 | 1 |
| Path Equivalence: 'filename....' (Multiple Trailing Dot) | 43 | 1 |
| Path Equivalence: 'file.name' (Internal Dot) | 44 | 1 |
| Path Equivalence: 'file...name' (Multiple Internal Dot) | 45 | 0 |
| Path Equivalence: 'filename ' (Trailing Space) | 46 | 0 |
| Path Equivalence: ' filename' (Leading Space) | 47 | 0 |
| Path Equivalence: 'file name' (Internal Whitespace) | 48 | 0 |
| Path Equivalence: 'filename/' (Trailing Slash) | 49 | 0 |
| Path Equivalence: '//multiple/leading/slash' | 50 | 1 |
| Path Equivalence: '/multiple//internal/slash' | 51 | 0 |
| Path Equivalence: '/multiple/trailing/slash//' | 52 | 0 |
| Path Equivalence: '\multiple\\internal\backslash' | 53 | 0 |
| Path Equivalence: 'filedir\' (Trailing Backslash) | 54 | 0 |
| Path Equivalence: '/./' (Single Dot Directory) | 55 | 0 |
| Path Equivalence: 'filedir*' (Wildcard) | 56 | 0 |
| Path Equivalence: 'fakedir/../realdir/filename' | 57 | 1 |
| Path Equivalence: Windows 8.3 Filename | 58 | 0 |
| Improper Link Resolution Before File Access ('Link Following') | 59 | 1419 |
| UNIX Symbolic Link (Symlink) Following | 61 | 117 |
| UNIX Hard Link | 62 | 3 |
| Windows Shortcut Following (.LNK) | 64 | 10 |
| Windows Hard Link | 65 | 6 |
| Improper Handling of File Names that Identify Virtual Resources | 66 | 1 |
| Improper Handling of Windows Device Names | 67 | 5 |
| Improper Handling of Windows ::DATA Alternate Data Stream | 69 | 2 |
| Improper Handling of Apple HFS+ Alternate Data Stream Path | 72 | 0 |
| External Control of File Name or Path | 73 | 350 |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | 74 | 4395 |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) | 75 | 40 |
| Improper Neutralization of Equivalent Special Elements | 76 | 10 |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') | 77 | 3607 |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | 78 | 5273 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 79 | 42688 |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | 80 | 496 |
| Improper Neutralization of Script in an Error Message Web Page | 81 | 8 |
| Improper Neutralization of Script in Attributes of IMG Tags in a Web Page | 82 | 0 |
| Improper Neutralization of Script in Attributes in a Web Page | 83 | 18 |
| Improper Neutralization of Encoded URI Schemes in a Web Page | 84 | 17 |
| Doubled Character XSS Manipulations | 85 | 2 |
| Improper Neutralization of Invalid Characters in Identifiers in Web Pages | 86 | 10 |
| Improper Neutralization of Alternate XSS Syntax | 87 | 33 |
| Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') | 88 | 316 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 89 | 18065 |
| Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') | 90 | 47 |
| XML Injection (aka Blind XPath Injection) | 91 | 121 |
| Improper Neutralization of CRLF Sequences ('CRLF Injection') | 93 | 104 |
| Improper Control of Generation of Code ('Code Injection') | 94 | 5988 |
| Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') | 95 | 111 |
| Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') | 96 | 26 |
| Improper Neutralization of Server-Side Includes (SSI) Within a Web Page | 97 | 7 |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 98 | 833 |
| Improper Control of Resource Identifiers ('Resource Injection') | 99 | 55 |
| Struts: Duplicate Validation Forms | 102 | 1 |
| Struts: Incomplete validate() Method Definition | 103 | 0 |
| Struts: Form Bean Does Not Extend Validation Class | 104 | 0 |
| Struts: Form Field Without Validator | 105 | 0 |
| Struts: Plug-in Framework not in Use | 106 | 0 |
| Struts: Unused Validation Form | 107 | 0 |
| Struts: Unvalidated Action Form | 108 | 1 |
| Struts: Validator Turned Off | 109 | 0 |
| Struts: Validator Without Form Field | 110 | 0 |
| Direct Use of Unsafe JNI | 111 | 2 |
| Missing XML Validation | 112 | 10 |
| Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') | 113 | 71 |
| Process Control | 114 | 24 |
| Misinterpretation of Input | 115 | 36 |
| Improper Encoding or Escaping of Output | 116 | 391 |
| Improper Output Neutralization for Logs | 117 | 117 |
| Incorrect Access of Indexable Resource ('Range Error') | 118 | 23 |