Categories
CWE | NAME | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
---|---|---|---|---|---|---|---|
CWE-696 | Incorrect Behavior Order The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses. | 0 | 1 | 0 | 0 | 1 | |
CWE-402 | Transmission of Private Resources into a New Sphere ('Resource Leak') The software makes resources available to untrusted parties when those resources are only intended to be accessed by the software. | 0 | 1 | 0 | 0 | 1 | |
CWE-197 | Numeric Truncation Error Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. | 0 | 1 | 0 | 0 | 1 | |
CWE-501 | Trust Boundary Violation The product mixes trusted and untrusted data in the same data structure or structured message. | 0 | 0 | 1 | 0 | 1 | |
CWE-1018 | Manage User Sessions Weaknesses in this category are related to the design and architecture of session management. Frequently these deal with the information or status about each user and their access rights for the duration of multiple requests. The weaknesses in this category could lead to a degradation of the quality of session management if they are not addressed when designing or implementing a secure architecture. | 0 | 1 | 0 | 0 | 1 | |
CWE-26 | Path Traversal: '/dir/../filename' The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize /dir/../filename sequences that can resolve to a location that is outside of that directory. | 0 | 0 | 1 | 0 | 1 | |
CWE-762 | Mismatched Memory Management Routines The application attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function that was originally used to allocate that resource. | 0 | 0 | 1 | 0 | 1 | |
CWE-25 | Path Traversal: '/../filedir' The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize /../ sequences that can resolve to a location that is outside of that directory. | 0 | 0 | 1 | 0 | 1 | |
CWE-1240 | Use of a Risky Cryptographic Primitive The product implements a cryptographic algorithm using a non-standard or unproven cryptographic primitive. | 0 | 0 | 0 | 1 | 1 | |
CWE-654 | Reliance on a Single Factor in a Security Decision A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object or entity in order to make a decision about granting access to restricted resources or functionality. | 0 | 1 | 0 | 0 | 1 |