Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-782 | Exposed IOCTL with Insufficient Access Control The software implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL. | 0 | 0 | 1 | 0 | 1 | |
CWE-364 | Signal Handler Race Condition The software uses a signal handler that introduces a race condition. | 0 | 1 | 0 | 0 | 1 | |
CWE-649 | Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking The software uses obfuscation or encryption of inputs that should not be mutable by an external actor, but the software does not use integrity checks to detect if those inputs have been modified. | 0 | 1 | 0 | 0 | 1 | |
CWE-710 | Improper Adherence to Coding Standards The software does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. | 0 | 0 | 0 | 1 | 1 | |
CWE-598 | Information Exposure Through Query Strings in GET Request The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that requests. | 0 | 1 | 0 | 0 | 1 | |
CWE-315 | Cleartext Storage of Sensitive Information in a Cookie The application stores sensitive information in cleartext in a cookie. | 1 | 0 | 0 | 0 | 1 | |
CWE-1278 | Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques Secrets stored in hardware can be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as scanning electron microscopy. | 0 | 1 | 0 | 0 | 1 | |
CWE-304 | Missing Critical Step in Authentication The software implements an authentication technique, but it skips a step that weakens the technique. | 0 | 1 | 0 | 0 | 1 | |
CWE-240 | Improper Handling of Inconsistent Structural Elements The software does not handle or incorrectly handles when two or more structural elements should be consistent, but are not. | 0 | 1 | 0 | 0 | 1 | |
CWE-391 | Unchecked Error Condition [PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed. | 1 | 0 | 0 | 0 | 1 |