Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-895 SFP Primary Cluster: Information Leak
This category identifies Software Fault Patterns (SFPs) within the Information Leak cluster.
0 1 0 0 1
CWE-774 Allocation of File Descriptors or Handles Without Limits or Throttling
The software allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor.
0 1 0 0 1
CWE-398 7PK - Code Quality
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that do not directly introduce a weakness or vulnerability, but indicate that the product has not been carefully developed or maintained. According to the authors of the Seven Pernicious Kingdoms, "Poor code quality leads to unpredictable behavior. From a user's perspective that often manifests itself as poor usability. For an adversary it provides an opportunity to stress the system in unexpected ways."
0 0 1 0 1
CWE-216 Containment Errors (Container Errors)
This entry has been deprecated, as it was not effective as a weakness and was structured more like a category. In addition, the name is inappropriate, since the container term is widely understood by developers in different ways than originally intended by PLOVER, the original source for this entry.
0 1 0 0 1
CWE-371 State Issues
Weaknesses in this category are related to improper management of system state.
0 1 0 0 1
CWE-628 Function Call with Incorrectly Specified Arguments
The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses.
0 0 1 0 1
CWE-317 Cleartext Storage of Sensitive Information in GUI
The application stores sensitive information in cleartext within the GUI.
0 1 0 0 1
CWE-195 Signed to Unsigned Conversion Error
The software uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive.
0 0 1 0 1
CWE-684 Incorrect Provision of Specified Functionality
The code does not function according to its published specifications, potentially leading to incorrect usage.
1 0 0 0 1
CWE-299 Improper Check for Certificate Revocation
The software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.
0 1 0 0 1