CVEdetails.com the ultimate security vulnerability data source

CWE Definitions

| CWE Number | Name | Number Of Related Vulnerabilities |
|---|---|---|
| 202 | Privacy Leak through Data Queries | 2 |
| 240 | Improper Handling of Inconsistent Structural Elements | 2 |
| 248 | Uncaught Exception | 2 |
| 303 | Incorrect Implementation of Authentication Algorithm | 2 |
| 342 | Predictable Exact Value from Previous Values | 2 |
| 35 | Path Traversal: '.../...//' | 2 |
| 350 | Improperly Trusted Reverse DNS | 2 |
| 353 | Failure to Add Integrity Check Value | 2 |
| 405 | Asymmetric Resource Consumption (Amplification) | 2 |
| 534 | Information Leak Through Debug Log Files | 2 |
| 551 | Incorrect Behavior Order: Authorization Before Parsing and Canonicalization | 2 |
| 642 | External Control of Critical State Data | 2 |
| 657 | Violation of Secure Design Principles | 2 |
| 664 | Improper Control of a Resource Through its Lifetime | 2 |
| 789 | Uncontrolled Memory Allocation | 2 |
| 805 | Buffer Access with Incorrect Length Value | 2 |
| 112 | Missing XML Validation | 1 |
| 114 | Process Control | 1 |
| 115 | Misinterpretation of Input | 1 |
| 117 | Improper Output Sanitization for Logs | 1 |
| 124 | Buffer Underwrite ('Buffer Underflow') | 1 |
| 130 | Improper Handling of Length Parameter Inconsistency | 1 |
| 15 | External Control of System or Configuration Setting | 1 |
| 183 | Permissive Whitelist | 1 |
| 194 | Unexpected Sign Extension | 1 |
| 204 | Response Discrepancy Information Leak | 1 |
| 208 | Timing Discrepancy Information Leak | 1 |
| 216 | Containment Errors (Container Errors) | 1 |
| 228 | Improper Handling of Syntactically Invalid Structure | 1 |
| 241 | Improper Handling of Unexpected Data Type | 1 |
| 242 | Use of Inherently Dangerous Function | 1 |
| 257 | Storing Passwords in a Recoverable Format | 1 |
| 26 | Path Traversal: '/dir/../filename' | 1 |
| 261 | Weak Cryptography for Passwords | 1 |
| 267 | Privilege Defined With Unsafe Actions | 1 |
| 268 | Privilege Chaining | 1 |
| 270 | Privilege Context Switching Error | 1 |
| 271 | Privilege Dropping / Lowering Errors | 1 |
| 277 | Insecure Inherited Permissions | 1 |
| 279 | Incorrect Execution-Assigned Permissions | 1 |
| 280 | Improper Handling of Insufficient Permissions or Privileges | 1 |
| 283 | Unverified Ownership | 1 |
| 296 | Improper Following of Chain of Trust for Certificate Validation | 1 |
| 299 | Improper Check for Certificate Revocation | 1 |
| 302 | Authentication Bypass by Assumed-Immutable Data | 1 |
| 304 | Missing Critical Step in Authentication | 1 |
| 313 | Plaintext Storage in a File or on Disk | 1 |
| 315 | Plaintext Storage in a Cookie | 1 |
| 316 | Plaintext Storage in Memory | 1 |
| 317 | Plaintext Storage in GUI | 1 |

Total number of CWE definitions: 668 (this is page 4 of 14).

The CWE definitions are only provided as a quick reference. They are not complete and may not be up to date!
You must visit http://cwe.mitre.org/ for a complete list of CWE entries and for more details.
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.