Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-328 | Reversible One-Way Hash The product uses a hashing algorithm that produces a hash value that can be used to determine the original input, or to find an input that can produce the same hash, more efficiently than brute force techniques. | 1 | 0 | 1 | 0 | 2 | |
CWE-457 | Use of Uninitialized Variable The code uses a variable that has not been initialized, leading to unpredictable or unintended results. | 1 | 0 | 1 | 0 | 2 | |
CWE-680 | Integer Overflow to Buffer Overflow The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow. | 0 | 1 | 1 | 0 | 2 | |
CWE-1262 | Register Interface Allows Software Access to Sensitive Data or Security Settings Memory-mapped registers provide access to hardware functionality from software and if not properly secured can result in loss of confidentiality and integrity. | 0 | 1 | 1 | 0 | 2 | |
CWE-277 | Insecure Inherited Permissions A product defines a set of insecure permissions that are inherited by objects that are created by the program. | 0 | 2 | 0 | 0 | 2 | |
CWE-130 | Improper Handling of Length Parameter Inconsistency The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data. | 1 | 0 | 1 | 0 | 2 | |
CWE-304 | Missing Critical Step in Authentication The software implements an authentication technique, but it skips a step that weakens the technique. | 0 | 2 | 0 | 0 | 2 | |
CWE-775 | Missing Release of File Descriptor or Handle after Effective Lifetime The software does not release a file descriptor or handle after its effective lifetime has ended, i.e., after the file descriptor/handle is no longer needed. | 0 | 0 | 1 | 0 | 1 | |
CWE-774 | Allocation of File Descriptors or Handles Without Limits or Throttling The software allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor. | 0 | 0 | 1 | 0 | 1 | |
CWE-405 | Asymmetric Resource Consumption (Amplification) Software that does not appropriately monitor or control resource consumption can lead to adverse system performance. | 0 | 0 | 1 | 0 | 1 |