Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-1285 | Improper Validation of Specified Index, Position, or Offset in Input: The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties. | | 0 | 2 | 0 | 0 | 2 |
CWE-366 | Race Condition within a Thread: If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined. | | 0 | 2 | 0 | 0 | 2 |
CWE-540 | Information Exposure Through Source Code: Source code on a web server or repository often contains sensitive information and should generally not be accessible to users. | | 0 | 2 | 0 | 0 | 2 |
CWE-1077 | Floating Point Comparison with Incorrect Operator: The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account for the possibility of loss of precision. | | 0 | 2 | 0 | 0 | 2 |
CWE-114 | Process Control: Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker. | | 0 | 0 | 2 | 0 | 2 |
CWE-242 | Use of Inherently Dangerous Function: The program calls a function that can never be guaranteed to work safely. | | 0 | 0 | 2 | 0 | 2 |
CWE-807 | Reliance on Untrusted Inputs in a Security Decision: The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. | | 0 | 1 | 1 | 0 | 2 |
CWE-590 | Free of Memory not on the Heap: The application calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as malloc(), calloc(), or realloc(). | | 0 | 1 | 1 | 0 | 2 |
CWE-567 | Unsynchronized Access to Shared Data in a Multithreaded Context: The product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes. | | 0 | 1 | 1 | 0 | 2 |
CWE-328 | Reversible One-Way Hash: The product uses a hashing algorithm that produces a hash value that can be used to determine the original input, or to find an input that can produce the same hash, more efficiently than brute force techniques. | | 0 | 2 | 0 | 0 | 2 |