Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-316 | Cleartext Storage of Sensitive Information in Memory The application stores sensitive information in cleartext in memory. | 0 | 0 | 1 | 0 | 1 | |
CWE-149 | Improper Neutralization of Quoting Syntax Quotes injected into an application can be used to compromise a system. As data are parsed, an injected/absent/duplicate/malformed use of quotes may cause the process to take unexpected actions. | 0 | 1 | 0 | 0 | 1 | |
CWE-265 | Privilege / Sandbox Issues Weaknesses in this category occur with improper enforcement of sandbox environments, or the improper handling, assignment, or management of privileges.Weaknesses in this category occur with improper enforcement of sandbox environments, or the improper handling, assignment, or management of privileges. | 0 | 0 | 0 | 1 | 1 | |
CWE-1049 | Excessive Data Query Operations in a Large Data Table The software performs a data query with a large number of joins and sub-queries on a large data table. | 0 | 1 | 0 | 0 | 1 | |
CWE-696 | Incorrect Behavior Order The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses. | 0 | 1 | 0 | 0 | 1 | |
CWE-402 | Transmission of Private Resources into a New Sphere ('Resource Leak') The software makes resources available to untrusted parties when those resources are only intended to be accessed by the software. | 0 | 1 | 0 | 0 | 1 | |
CWE-197 | Numeric Truncation Error Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. | 0 | 1 | 0 | 0 | 1 | |
CWE-837 | Improper Enforcement of a Single, Unique Action The software requires that an actor should only be able to perform an action once, or to have only one unique action, but the software does not enforce or improperly enforces this restriction. | 0 | 1 | 0 | 0 | 1 | |
CWE-501 | Trust Boundary Violation The product mixes trusted and untrusted data in the same data structure or structured message. | 0 | 0 | 1 | 0 | 1 | |
CWE-1018 | Manage User Sessions Weaknesses in this category are related to the design and architecture of session managment. Frequently these deal with the information or status about each user and their access rights for the duration of multiple requests. The weaknesses in this category could lead to a degradation of the quality of session managment if they are not addressed when designing or implementing a secure architecture.Weaknesses in this category are related to the design and architecture of session managment. Frequently these deal with the information or status about each user and their access rights for the duration of multiple requests. The weaknesses in this category could lead to a degradation of the quality of session managment if they are not addressed when designing or implementing a secure architecture. | 0 | 1 | 0 | 0 | 1 |