Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-696 Incorrect Behavior Order
The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.
0 1 0 0 1
CWE-402 Transmission of Private Resources into a New Sphere ('Resource Leak')
The software makes resources available to untrusted parties when those resources are only intended to be accessed by the software.
0 1 0 0 1
CWE-197 Numeric Truncation Error
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.
0 1 0 0 1
CWE-501 Trust Boundary Violation
The product mixes trusted and untrusted data in the same data structure or structured message.
0 0 1 0 1
CWE-1018 Manage User Sessions
Weaknesses in this category are related to the design and architecture of session management. Frequently these deal with the information or status about each user and their access rights for the duration of multiple requests. The weaknesses in this category could lead to a degradation of the quality of session management if they are not addressed when designing or implementing a secure architecture.
0 1 0 0 1
CWE-26 Path Traversal: '/dir/../filename'
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize /dir/../filename sequences that can resolve to a location that is outside of that directory.
0 0 1 0 1
CWE-762 Mismatched Memory Management Routines
The application attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function that was originally used to allocate that resource.
0 0 1 0 1
CWE-25 Path Traversal: '/../filedir'
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize /../ sequences that can resolve to a location that is outside of that directory.
0 0 1 0 1
CWE-1240 Use of a Risky Cryptographic Primitive
The product implements a cryptographic algorithm using a non-standard or unproven cryptographic primitive.
0 0 0 1 1
CWE-654 Reliance on a Single Factor in a Security Decision
A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object or entity in order to make a decision about granting access to restricted resources or functionality.
0 1 0 0 1