Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-167 | Improper Handling of Additional Special Element The software receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided. | 0 | 1 | 0 | 0 | 1 | |
CWE-344 | Use of Invariant Value in Dynamically Changing Context The product uses a constant value, name, or reference, but this value can (or should) vary across different environments. | 0 | 0 | 1 | 0 | 1 | |
CWE-76 | Improper Neutralization of Equivalent Special Elements The software properly neutralizes certain special elements, but it improperly neutralizes equivalent special elements. | 0 | 1 | 0 | 0 | 1 | |
CWE-1103 | Use of Platform-Dependent Third Party Components The product relies on third-party software components that do not provide equivalent functionality across all desirable platforms. | 0 | 1 | 0 | 0 | 1 | |
CWE-263 | Password Aging with Long Expiration Allowing password aging to occur unchecked can result in the possibility of diminished password integrity. | 0 | 0 | 1 | 0 | 1 | |
CWE-28 | Path Traversal: '..\filedir' The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize .. sequences that can resolve to a location that is outside of that directory. | 0 | 1 | 0 | 0 | 1 | |
CWE-758 | Reliance on Undefined, Unspecified, or Implementation-Defined Behavior The software uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to hold for that entity. | 0 | 0 | 1 | 0 | 1 | |
CWE-691 | Insufficient Control Flow Management The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways. | 0 | 0 | 1 | 0 | 1 | |
CWE-544 | Missing Standardized Error Handling Mechanism The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses. | 0 | 0 | 1 | 0 | 1 | |
CWE-830 | Inclusion of Web Functionality from an Untrusted Source The software includes web functionality (such as a web widget) from another domain, which causes it to operate within the domain of the software, potentially granting total access and control of the software to the untrusted source. | 0 | 0 | 1 | 0 | 1 |