Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-1108 | Excessive Reliance on Global Variables The code is structured in a way that relies too much on using or setting global variables throughout various points in the code, instead of preserving the associated information in a narrower, more local context. | 0 | 0 | 1 | 0 | 1 | |
CWE-597 | Use of Wrong Operator in String Comparison The product uses the wrong operator when comparing a string, such as using == when the equals() method should be used instead. | 0 | 0 | 0 | 1 | 1 | |
CWE-455 | Non-exit on Failed Initialization The software does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format error, which can cause the software to execute in a less secure fashion than intended by the administrator. | 0 | 1 | 0 | 0 | 1 | |
CWE-562 | Return of Stack Variable Address A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a crash. | 0 | 0 | 0 | 1 | 1 | |
CWE-229 | Improper Handling of Values The software does not properly handle when the expected number of values for parameters, fields, or arguments is not provided in input, or if those values are undefined. | 0 | 1 | 0 | 0 | 1 | |
CWE-941 | Incorrectly Specified Destination in a Communication Channel The software creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor. | 0 | 1 | 0 | 0 | 1 | |
CWE-641 | Improper Restriction of Names for Files and Other Resources The application constructs the name of a file or other resource using input from an upstream component, but it does not restrict or incorrectly restricts the resulting name. | 0 | 0 | 1 | 0 | 1 | |
CWE-1282 | Assumed-Immutable Data Stored in Writable Memory Immutable data, such as a first-stage bootloader, device identifiers, and write-once configuration settings are stored in writable memory that can be re-programmed/updated in the field. | 0 | 0 | 1 | 0 | 1 | |
CWE-167 | Improper Handling of Additional Special Element The software receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided. | 0 | 1 | 0 | 0 | 1 | |
CWE-344 | Use of Invariant Value in Dynamically Changing Context The product uses a constant value, name, or reference, but this value can (or should) vary across different environments. | 0 | 0 | 1 | 0 | 1 |