Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-1187 | DEPRECATED: Use of Uninitialized Resource This entry has been deprecated because it was a duplicate of CWE-908. All content has been transferred to CWE-908. | 0 | 2 | 0 | 1 | 3 | |
CWE-920 | Improper Restriction of Power Consumption The software operates in an environment in which power is a limited resource that cannot be automatically replenished, but the software does not properly restrict the amount of power that its operation consumes. | 0 | 2 | 1 | 0 | 3 | |
CWE-943 | Improper Neutralization of Special Elements in Data Query Logic The application generates a query intended to access or manipulate data in a data store such as a database, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query. | 0 | 1 | 2 | 0 | 3 | |
CWE-1287 | Improper Validation of Specified Type of Input The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type. | 0 | 0 | 2 | 1 | 3 | |
CWE-86 | Improper Neutralization of Invalid Characters in Identifiers in Web Pages The software does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers. | 0 | 3 | 0 | 0 | 3 | |
CWE-664 | Improper Control of a Resource Through its Lifetime The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release. | 0 | 1 | 2 | 0 | 3 | |
CWE-471 | Modification of Assumed-Immutable Data (MAID) The software does not properly protect an assumed-immutable element from being modified by an attacker. | 0 | 2 | 1 | 0 | 3 | |
CWE-526 | Information Exposure Through Environmental Variables Environmental variables may contain sensitive information about a remote server. | 0 | 3 | 0 | 0 | 3 | |
CWE-1286 | Improper Validation of Syntactic Correctness of Input The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax. | 0 | 2 | 1 | 0 | 3 | |
CWE-598 | Information Exposure Through Query Strings in GET Request The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that requests. | 2 | 0 | 1 | 0 | 3 |