|CWE||NAME||LAST 12M||LOW||MEDIUM||HIGH||CRITICAL||TOTAL VULNS|
|CWE-229|| Improper Handling of Values |
The software does not properly handle when the expected number of values for parameters, fields, or arguments is not provided in input, or if those values are undefined.
|CWE-941|| Incorrectly Specified Destination in a Communication Channel |
The software creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.
|CWE-235|| Improper Handling of Extra Parameters |
The software does not handle or incorrectly handles when the number of parameters, fields, or arguments with the same name exceeds the expected amount.
|CWE-337|| Predictable Seed in Pseudo-Random Number Generator (PRNG) |
A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.
|CWE-641|| Improper Restriction of Names for Files and Other Resources |
The application constructs the name of a file or other resource using input from an upstream component, but it does not restrict or incorrectly restricts the resulting name.
|CWE-1282|| Assumed-Immutable Data Stored in Writable Memory |
Immutable data, such as a first-stage bootloader, device identifiers, and write-once configuration settings are stored in writable memory that can be re-programmed/updated in the field.
|CWE-167|| Improper Handling of Additional Special Element |
The software receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.
|CWE-344|| Use of Invariant Value in Dynamically Changing Context |
The product uses a constant value, name, or reference, but this value can (or should) vary across different environments.
|CWE-1103|| Use of Platform-Dependent Third Party Components |
The product relies on third-party software components that do not provide equivalent functionality across all desirable platforms.
|CWE-1263|| Insufficient Physical Protection Mechanism |
The product is designed such that certain parts be restricted yet does not sufficiently protect against an unauthorized actor’s ability to physically access these restricted regions of the product.