Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-1278 | Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques Secrets stored in hardware can be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as scanning electron microscopy. | 0 | 1 | 0 | 0 | 1 | |
CWE-42 | Path Equivalence: 'filename.' (Trailing Dot) A software system that accepts path input in the form of trailing dot ('filedir.') without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files. | 0 | 1 | 0 | 0 | 1 | |
CWE-15 | External Control of System or Configuration Setting One or more system settings or configuration elements can be externally controlled by a user. | 0 | 1 | 0 | 0 | 1 | |
CWE-304 | Missing Critical Step in Authentication The software implements an authentication technique, but it skips a step that weakens the technique. | 0 | 1 | 0 | 0 | 1 | |
CWE-242 | Use of Inherently Dangerous Function The program calls a function that can never be guaranteed to work safely. | 0 | 0 | 1 | 0 | 1 | |
CWE-525 | Information Exposure Through Browser Caching The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached. | 1 | 0 | 0 | 0 | 1 | |
CWE-791 | Incomplete Filtering of Special Elements The software receives data from an upstream component, but does not completely filter special elements before sending it to a downstream component. | 0 | 0 | 0 | 1 | 1 | |
CWE-391 | Unchecked Error Condition [PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed. | 1 | 0 | 0 | 0 | 1 | |
CWE-456 | Missing Initialization of a Variable The software does not initialize critical variables, which causes the execution environment to use unexpected values. | 0 | 1 | 0 | 0 | 1 | |
CWE-825 | Expired Pointer Dereference The program dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid. | 0 | 1 | 0 | 0 | 1 | |