Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-908 Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.
16 215 125 48 404
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
3 53 261 75 392
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
2 172 210 1 385
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
9 128 197 47 381
CWE-772 Missing Release of Resource after Effective Lifetime
The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
7 236 126 6 375
CWE-667 Improper Locking
The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
7 291 70 1 369
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
0 58 222 41 321
CWE-347 Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.
2 117 150 51 320
CWE-326 Inadequate Encryption Strength
The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
8 117 149 34 308
CWE-209 Information Exposure Through an Error Message
The software generates an error message that includes sensitive information about its environment, users, or associated data.
35 219 38 16 308