Categories

| CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|---|
| CWE-460 | Improper Cleanup on Thrown Exception. The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow. | | 1 | 0 | 0 | 0 | 1 |
| CWE-524 | Information Exposure Through Caching. The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere. | | 0 | 1 | 0 | 0 | 1 |
| CWE-1258 | Sensitive Information Uncleared During Hardware Debug Flows. The hardware does not fully clear security-sensitive values, such as keys and intermediate values in cryptographic operations, when debug mode is entered. | | 0 | 0 | 1 | 0 | 1 |
| CWE-141 | Improper Neutralization of Parameter/Argument Delimiters. The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component. | | 0 | 0 | 1 | 0 | 1 |
| CWE-84 | Improper Neutralization of Encoded URI Schemes in a Web Page. The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings. | | 0 | 0 | 1 | 0 | 1 |
| CWE-549 | Missing Password Field Masking. The software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords. | | 0 | 1 | 0 | 0 | 1 |
| CWE-146 | Improper Neutralization of Expression/Command Delimiters. The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression or command delimiters when they are sent to a downstream component. | | 0 | 0 | 1 | 0 | 1 |
| CWE-690 | Unchecked Return Value to NULL Pointer Dereference. The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. | | 0 | 0 | 1 | 0 | 1 |
| CWE-1108 | Excessive Reliance on Global Variables. The code is structured in a way that relies too much on using or setting global variables throughout various points in the code, instead of preserving the associated information in a narrower, more local context. | | 0 | 0 | 1 | 0 | 1 |
| CWE-833 | Deadlock. The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. | | 0 | 1 | 0 | 0 | 1 |