Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-824 Access of Uninitialized Pointer
The program accesses or uses a pointer that has not been initialized.
 5 29 64 8 106
CWE-829 Inclusion of Functionality from Untrusted Control Sphere
The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
 2 25 54 22 103
CWE-697 Incorrect Comparison
The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
 1 43 38 17 99
CWE-354 Improper Validation of Integrity Check Value
The software does not validate or incorrectly validates the integrity check values or checksums of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
 3 41 44 4 92
CWE-193 Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
 1 16 48 27 92
CWE-252 Unchecked Return Value
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
 1 43 32 7 83
CWE-494 Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
 1 13 53 15 82
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
 4 21 44 12 81
CWE-131 Incorrect Calculation of Buffer Size
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
 1 22 38 18 79
CWE-834 Excessive Iteration
The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
 1 52 26 0 79