Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-328 Reversible One-Way Hash
The product uses a hashing algorithm that produces a hash value that can be used to determine the original input, or to find an input that can produce the same hash, more efficiently than brute force techniques.
1 0 1 0 2
CWE-457 Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
1 0 1 0 2
CWE-680 Integer Overflow to Buffer Overflow
The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
0 1 1 0 2
CWE-1262 Register Interface Allows Software Access to Sensitive Data or Security Settings
Memory-mapped registers provide access to hardware functionality from software and if not properly secured can result in loss of confidentiality and integrity.
0 1 1 0 2
CWE-277 Insecure Inherited Permissions
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
0 2 0 0 2
CWE-130 Improper Handling of Length Parameter Inconsistency
The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.
1 0 1 0 2
CWE-304 Missing Critical Step in Authentication
The software implements an authentication technique, but it skips a step that weakens the technique.
0 2 0 0 2
CWE-775 Missing Release of File Descriptor or Handle after Effective Lifetime
The software does not release a file descriptor or handle after its effective lifetime has ended, i.e., after the file descriptor/handle is no longer needed.
0 0 1 0 1
CWE-774 Allocation of File Descriptors or Handles Without Limits or Throttling
The software allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor.
0 0 1 0 1
CWE-405 Asymmetric Resource Consumption (Amplification)
Software that does not appropriately monitor or control resource consumption can lead to adverse system performance.
0 0 1 0 1