Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-1269 Product Released in Non-Release Configuration
The product released to market is released in pre-production or manufacturing configuration.
1 0 0 0 1
CWE-283 Unverified Ownership
The software does not properly verify that a critical resource is owned by the proper entity.
0 1 0 0 1
CWE-348 Use of Less Trusted Source
The software has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.
0 0 1 0 1
CWE-1230 Exposure of Sensitive Information Through Metadata
The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information.
0 1 0 0 1
CWE-86 Improper Neutralization of Invalid Characters in Identifiers in Web Pages
The software does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers.
0 0 1 0 1
CWE-219 Sensitive Data Under Web Root
The application stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties.
0 0 1 0 1