Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-405 | Asymmetric Resource Consumption (Amplification): Software that does not appropriately monitor or control resource consumption can lead to adverse system performance. | 0 | 2 | 0 | 0 | 2 | |
CWE-228 | Improper Handling of Syntactically Invalid Structure: The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification. | 0 | 0 | 1 | 1 | 2 | |
CWE-241 | Improper Handling of Unexpected Data Type: The software does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z). | 0 | 1 | 1 | 0 | 2 | |
CWE-603 | Use of Client-Side Authentication: A client/server product performs authentication within client code but not in server code, allowing server-side authentication to be bypassed via a modified client that omits the authentication check. | 0 | 0 | 1 | 1 | 2 | |
CWE-194 | Unexpected Sign Extension: The software performs an operation on a number that causes it to be sign extended when it is transformed into a larger data type. When the original number is negative, this can produce unexpected values that lead to resultant weaknesses. | 0 | 2 | 0 | 0 | 2 | |
CWE-214 | Information Exposure Through Process Environment: A process is invoked with sensitive command-line arguments, environment variables, or other elements that can be seen by other processes on the operating system. | 0 | 1 | 1 | 0 | 2 | |
CWE-923 | Improper Restriction of Communication Channel to Intended Endpoints: The software establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint. | 0 | 2 | 0 | 0 | 2 | |
CWE-842 | Placement of User into Incorrect Group: The software or the administrator places a user into an incorrect group. | 0 | 0 | 2 | 0 | 2 | |
CWE-124 | Buffer Underwrite ('Buffer Underflow'): The software writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. | 0 | 0 | 2 | 0 | 2 | |
CWE-1022 | Use of Web Link to Untrusted Target with window.opener Access: The web application produces links to untrusted external sites outside of its sphere of control, but it does not properly prevent the external site from modifying security-critical properties of the window.opener object, such as the location property. | 0 | 2 | 0 | 0 | 2 | |