Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-416 | Use After Free: Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. | | 67 | 1438 | 1929 | 511 | 3945 |
CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. | | 8 | 427 | 1195 | 1495 | 3125 |
CWE-287 | Improper Authentication: When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. | | 154 | 1317 | 1023 | 549 | 3043 |
CWE-94 | Improper Control of Generation of Code ('Code Injection'): The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. | | 27 | 893 | 1124 | 870 | 2914 |
CWE-476 | NULL Pointer Dereference: A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. | | 133 | 1775 | 514 | 74 | 2496 |
CWE-310 | Cryptographic Issues: Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed. | | 112 | 1976 | 92 | 162 | 2342 |
CWE-862 | Missing Authorization: The software does not perform an authorization check when an actor attempts to access a resource or perform an action. | | 134 | 1437 | 535 | 124 | 2230 |
CWE-190 | Integer Overflow or Wraparound: The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. | | 70 | 1076 | 724 | 239 | 2109 |
CWE-434 | Unrestricted Upload of File with Dangerous Type: The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. | | 11 | 657 | 878 | 536 | 2082 |
CWE-399 | Resource Management Errors: Weaknesses in this category are related to improper management of system resources. | | 74 | 1060 | 504 | 419 | 2057 |