Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-908 Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.
16 223 125 48 412
CWE-667 Improper Locking
The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
8 317 72 1 398
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
3 53 261 75 392
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
2 172 210 1 385
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
9 131 198 47 385
CWE-772 Missing Release of Resource after Effective Lifetime
The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
7 236 128 6 377
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
0 58 227 41 326
CWE-347 Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.
2 118 153 51 324
CWE-326 Inadequate Encryption Strength
The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
8 121 153 34 316
CWE-209 Information Exposure Through an Error Message
The software generates an error message that includes sensitive information about its environment, users, or associated data.
35 221 38 16 310