Weaknesses

CWE weakness types scored by proportion of linked CVEs with active exploitation.

761 weaknesses scored · Page 8 of 8

critical-risk
2
high-risk
1
moderate-risk
11
low-risk
747
Weakness Score Tier
Generation of Predictable IV with CBC Mode 0/100 low-risk
Insufficient Entropy in PRNG 0/100 low-risk
Small Space of Random Values 0/100 low-risk
Same Seed in Pseudo-Random Number Generator (PRNG) 0/100 low-risk
Predictable Seed in Pseudo-Random Number Generator (PRNG) 0/100 low-risk
Small Seed Space in PRNG 0/100 low-risk
Path Traversal: '....//' 0/100 low-risk
Generation of Predictable Numbers or Identifiers 0/100 low-risk
Predictable from Observable State 0/100 low-risk
Predictable Exact Value from Previous Values 0/100 low-risk
Predictable Value Range from Previous Values 0/100 low-risk
Use of Invariant Value in Dynamically Changing Context 0/100 low-risk
Acceptance of Extraneous Untrusted Data With Trusted Data 0/100 low-risk
Reliance on Reverse DNS Resolution for a Security-Critical Action 0/100 low-risk
Missing Support for Integrity Check 0/100 low-risk
Insufficient UI Warning of Dangerous Operations 0/100 low-risk
Trust of System Event Data 0/100 low-risk
Race Condition Enabling Link Following 0/100 low-risk
Context Switching Race Condition 0/100 low-risk
Path Traversal: '/absolute/pathname/here' 0/100 low-risk
Missing Check for Certificate Revocation after Initial Check 0/100 low-risk
Passing Mutable Objects to an Untrusted Method 0/100 low-risk
Insecure Temporary File 0/100 low-risk
Creation of Temporary File With Insecure Permissions 0/100 low-risk
Covert Timing Channel 0/100 low-risk
Symbolic Name not Mapping to Correct Object 0/100 low-risk
Path Traversal: 'C:dirname' 0/100 low-risk
Unchecked Error Condition 0/100 low-risk
Missing Report of Error Condition 0/100 low-risk
Return of Wrong Status Code 0/100 low-risk
Unexpected Status Code or Return Value 0/100 low-risk
Use of NullPointerException Catch to Detect NULL Pointer Dereference 0/100 low-risk
Declaration of Catch for Generic Exception 0/100 low-risk
Path Traversal: '\\UNC\share\name\' (Windows UNC Share) 0/100 low-risk
Transmission of Private Resources into a New Sphere ('Resource Leak') 0/100 low-risk
Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') 0/100 low-risk
Incorrect Behavior Order: Early Amplification 0/100 low-risk
Improper Handling of Highly Compressed Data (Data Amplification) 0/100 low-risk
Improper Resolution of Path Equivalence 0/100 low-risk
Unrestricted Externally Accessible Lock 0/100 low-risk
Improper Resource Locking 0/100 low-risk
Missing Lock Check 0/100 low-risk
Race Condition During Access to Alternate Channel 0/100 low-risk
Unprotected Windows Messaging Channel ('Shatter') 0/100 low-risk
Unquoted Search Path or Element 0/100 low-risk
Deployment of Wrong Handler 0/100 low-risk
Missing Handler 0/100 low-risk
Unparsed Raw Web Content Delivery 0/100 low-risk
Improper Interaction Between Multiple Correctly-Behaving Entities 0/100 low-risk
Incomplete Model of Endpoint Features 0/100 low-risk
Expected Behavior Violation 0/100 low-risk
UI Discrepancy for Security Feature 0/100 low-risk
Unimplemented or Unsupported Feature in UI 0/100 low-risk
Obsolete Feature in UI 0/100 low-risk
The UI Performs the Wrong Action 0/100 low-risk
Multiple Interpretations of UI Input 0/100 low-risk
Insecure Default Variable Initialization 0/100 low-risk
External Initialization of Trusted Variables or Data Stores 0/100 low-risk
Non-exit on Failed Initialization 0/100 low-risk
Missing Initialization of a Variable 0/100 low-risk
Improper Cleanup on Thrown Exception 0/100 low-risk
« Prev 1 6 7 8