Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-187 Partial String Comparison
The software performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses.
 1 0 0 0 1
CWE-41 Improper Resolution of Path Equivalence
The system or application is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object.
 0 1 0 0 1
CWE-274 Improper Handling of Insufficient Privileges
The software does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.
 0 1 0 0 1
CWE-289 Authentication Bypass by Alternate Name
The software performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.
 0 0 1 0 1
CWE-304 Missing Critical Step in Authentication
The software implements an authentication technique, but it skips a step that weakens the technique.
 0 1 0 0 1
CWE-506 Embedded Malicious Code
The application contains code that appears to be malicious in nature.
 0 0 1 0 1
CWE-1049 Excessive Data Query Operations in a Large Data Table
The software performs a data query with a large number of joins and sub-queries on a large data table.
 0 0 1 0 1
CWE-457 Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
 1 0 0 0 1
CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)
The software does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.
 0 1 0 0 1