|CWE||NAME||LAST 12M||LOW||MEDIUM||HIGH||CRITICAL||TOTAL VULNS|
|CWE-549|| Missing Password Field Masking |
The software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.
|CWE-1288|| Improper Validation of Consistency within Input |
The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.
|CWE-146|| Improper Neutralization of Expression/Command Delimiters |
The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression or command delimiters when they are sent to a downstream component.
|CWE-690|| Unchecked Return Value to NULL Pointer Dereference |
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
|CWE-1108|| Excessive Reliance on Global Variables |
The code is structured in a way that relies too much on using or setting global variables throughout various points in the code, instead of preserving the associated information in a narrower, more local context.
|CWE-833|| Deadlock |
The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.
|CWE-1077|| Floating Point Comparison with Incorrect Operator |
The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account for the possibility of loss of precision.
|CWE-274|| Improper Handling of Insufficient Privileges |
The software does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.
|CWE-597|| Use of Wrong Operator in String Comparison |
The product uses the wrong operator when comparing a string, such as using == when the equals() method should be used instead.
|CWE-455|| Non-exit on Failed Initialization |
The software does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format error, which can cause the software to execute in a less secure fashion than intended by the administrator.