Categories

| CWE | NAME | DESCRIPTION | LAST 12M | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|---|---|
| CWE-347 | Improper Verification of Cryptographic Signature | The software does not verify, or incorrectly verifies, the cryptographic signature for data. | | 12 | 177 | 124 | 23 | 336 |
| CWE-345 | Insufficient Verification of Data Authenticity | The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data. | | 19 | 162 | 84 | 35 | 300 |
| CWE-134 | Use of Externally-Controlled Format String | The software uses a function that accepts a format string as an argument, but the format string originates from an external source. | | 9 | 104 | 108 | 68 | 289 |
| CWE-129 | Improper Validation of Array Index | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. | | 6 | 81 | 155 | 44 | 286 |
| CWE-121 | Stack-based Buffer Overflow | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). | | 1 | 39 | 131 | 112 | 283 |
| CWE-369 | Divide By Zero | The product divides a value by zero. | | 44 | 198 | 36 | 0 | 278 |
| CWE-307 | Improper Restriction of Excessive Authentication Attempts | The software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks. | | 15 | 134 | 68 | 58 | 275 |
| CWE-908 | Use of Uninitialized Resource | The software uses or accesses a resource that has not been initialized. | | 33 | 125 | 84 | 31 | 273 |
| CWE-209 | Information Exposure Through an Error Message | The software generates an error message that includes sensitive information about its environment, users, or associated data. | | 16 | 220 | 22 | 13 | 271 |
| CWE-404 | Improper Resource Shutdown or Release | The program does not release or incorrectly releases a resource before it is made available for re-use. | | 9 | 152 | 99 | 3 | 263 |