logo

View: Weakness Base Elements

Draft
Type: Implicit
Objective

This view (slice) displays only weakness base elements.

Membership
IDNameDescription
CWE-1007Insufficient Visual Distinction of Homoglyphs Presented to UserThis vulnerability occurs when an application shows text or symbols to users without clearly distinguishing between characters that look identical or very similar (called homoglyphs). Because users can't easily tell these characters apart, they might misinterpret information and accidentally perform unsafe actions, like clicking a malicious link.
CWE-1021Improper Restriction of Rendered UI Layers or FramesThis vulnerability occurs when a web application fails to properly control whether its pages can be embedded within frames or UI layers from other websites, potentially misleading users about which site they are interacting with.
CWE-1024Comparison of Incompatible TypesThis vulnerability occurs when code directly compares two values of fundamentally different data types, which can lead to unreliable or incorrect results because the comparison logic doesn't handle the type mismatch properly.
CWE-1025Comparison Using Wrong FactorsThis weakness occurs when a program compares two items but checks the wrong properties or attributes. This flawed comparison leads to incorrect decisions, creating security and logic errors.
CWE-1037Processor Optimization Removal or Modification of Security-critical CodeThis vulnerability occurs when a processor's performance optimization unintentionally strips out or alters security-critical code that a developer intentionally placed in the software.
CWE-1041Use of Redundant CodeThis weakness occurs when a codebase contains identical or nearly identical logic duplicated across multiple functions, methods, or modules. This redundancy creates unnecessary complexity and maintenance overhead.
CWE-1043Data Element Aggregating an Excessively Large Number of Non-Primitive ElementsThis weakness occurs when a data structure, like a class or object, contains too many complex sub-elements (e.g., other objects or structs) instead of simple primitive types.
CWE-1044Architecture with Number of Horizontal Layers Outside of Expected RangeThis occurs when a software system is built with either too many or too few distinct architectural layers, falling outside a recommended range that supports maintainability and security.
CWE-1045Parent Class with a Virtual Destructor and a Child Class without a Virtual DestructorThis occurs when a base class defines a virtual destructor, but a derived class inherits from it without declaring its own virtual destructor.
CWE-1046Creation of Immutable Text Using String ConcatenationThis weakness occurs when code builds a string within a loop using simple concatenation (like +=), which unintentionally creates new string objects every time instead of efficiently appending to a buffer.
CWE-1047Modules with Circular DependenciesThis weakness occurs when software modules have circular references, meaning Module A depends on Module B, which in turn depends back on Module A, creating a closed loop.
CWE-1048Invokable Control Element with Large Number of Outward CallsThis weakness occurs when a single function, method, or callable code block makes an excessively high number of calls to other objects or components outside its immediate scope. This creates a complex, tightly-coupled web of dependencies that is difficult to manage.
CWE-1049Excessive Data Query Operations in a Large Data TableThis weakness occurs when an application runs a database query that uses numerous joins and sub-queries on a very large table, leading to severe performance degradation.
CWE-1050Excessive Platform Resource Consumption within a LoopThis vulnerability occurs when a loop contains code that repeatedly consumes critical system resources like file handles, database connections, memory, or session locks. Each iteration of the loop drains these finite platform assets without proper release.
CWE-1051Initialization with Hard-Coded Network Resource Configuration DataThis vulnerability occurs when software uses fixed, hard-coded values—like IP addresses, domain names, or URLs—to identify network resources during its startup or configuration phase.
CWE-1052Excessive Use of Hard-Coded Literals in InitializationThis weakness occurs when software initializes variables or data structures using hard-coded values (like strings, file paths, or network addresses) instead of configurable constants or parameters. While simple numbers or true constants are acceptable, embedding non-trivial literals directly in code creates maintenance and security risks.
CWE-1053Missing Documentation for DesignThis weakness occurs when software lacks clear design documentation, making it difficult to understand how the system is structured and intended to work.
CWE-1054Invocation of a Control Element at an Unnecessarily Deep Horizontal LayerThis weakness occurs when code in one architectural layer directly calls functions or methods in a much deeper layer, skipping over the intermediate layers that should normally handle the request. It bypasses the intended layered structure, similar to a manager going directly to an intern instead of working through the team lead.
CWE-1055Multiple Inheritance from Concrete ClassesThis weakness occurs when a single class inherits functionality and state from more than one concrete (fully implemented) parent class.
CWE-1056Invokable Control Element with Variadic ParametersThis weakness occurs when a callable function or method is defined to accept a variable number of arguments (variadic parameters).
CWE-1057Data Access Operations Outside of Expected Data Manager ComponentThis weakness occurs when an application bypasses its dedicated, central data manager component and performs data access operations through other code paths.
CWE-1058Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member ElementThis happens when a method or function, designed to run in a multi-threaded environment, accesses or modifies a non-final static variable or class member. Because the static element is not final, its state can be changed unexpectedly by concurrent threads, leading to race conditions and unpredictable behavior.
CWE-1060Excessive Number of Inefficient Server-Side Data AccessesThis weakness occurs when an application makes an excessive number of individual data queries to a server or database, instead of using more efficient methods like stored procedures or batch operations.
CWE-1062Parent Class with References to Child ClassThis weakness occurs when a parent class directly references its child classes, their methods, or their member variables, creating a problematic and tightly coupled dependency.
CWE-1063Creation of Class Instance within a Static Code BlockThis weakness occurs when a class instance is created inside a static initializer block, causing premature and potentially expensive object creation.
CWE-1064Invokable Control Element with Signature Containing an Excessive Number of ParametersThis weakness occurs when a function, method, or subroutine is defined with an unnecessarily high number of parameters in its signature.
CWE-1065Runtime Resource Management Control Element in a Component Built to Run on Application ServersThis weakness occurs when an application built to run on a managed application server bypasses the server's high-level APIs and instead uses low-level operating system calls to directly control resources like memory, files, or threads.
CWE-1066Missing Serialization Control ElementThis weakness occurs when a class or data structure is marked as serializable but lacks the required control methods to properly handle the serialization and deserialization process.
CWE-1067Excessive Execution of Sequential Searches of Data ResourceThis weakness occurs when a database query is structured in a way that forces the system to scan entire tables row-by-row, instead of using an available index for efficient lookups.
CWE-1068Inconsistency Between Implementation and Documented DesignThis weakness occurs when the actual code implementation deviates from the intended design described in its official documentation, creating a mismatch between how the system is supposed to work and how it actually does.
CWE-1070Serializable Data Element Containing non-Serializable Item ElementsThis weakness occurs when a class or data structure is marked as serializable, but it contains one or more member elements that cannot be serialized. This mismatch prevents the entire object from being properly saved or transmitted.
CWE-1071Empty Code BlockAn empty code block occurs when a section of source code, such as a conditional statement or function body, contains no executable statements.
CWE-1072Data Resource Access without Use of Connection PoolingThis weakness occurs when an application creates a new database connection for every request instead of using a managed connection pool. This inefficient pattern forces the system to repeatedly endure the full overhead of establishing and tearing down connections.
CWE-1073Non-SQL Invokable Control Element with Excessive Number of Data Resource AccessesThis weakness occurs when a client-side function or method makes an excessive number of individual data requests through a non-SQL data manager, instead of using more efficient bulk operations or database-native capabilities.
CWE-1074Class with Excessively Deep InheritanceThis weakness occurs when a class inherits from an excessive number of parent classes, creating a deep and complex inheritance hierarchy.
CWE-1075Unconditional Control Flow Transfer outside of Switch BlockThis weakness occurs when code uses an unconditional jump, like a 'goto' statement, outside of a structured control flow block like a switch statement. This bypasses the intended logic and makes the program's execution path unpredictable and difficult to follow.
CWE-1079Parent Class without Virtual Destructor MethodThis occurs when a base class, designed to be inherited from, does not declare its destructor as virtual. This oversight prevents proper cleanup when objects are deleted through a pointer to the parent class.
CWE-1080Source Code File with Excessive Number of Lines of CodeThis weakness occurs when a single source code file grows excessively large, containing too many lines of code.
CWE-1082Class Instance Self Destruction Control ElementThis vulnerability occurs when an object's code contains logic that triggers its own deletion or destruction during runtime.
CWE-1083Data Access from Outside Expected Data Manager ComponentThis weakness occurs when an application is designed to handle all data operations through a dedicated manager component (like a database layer), but code elsewhere bypasses it and accesses data directly.
CWE-1084Invokable Control Element with Excessive File or Data Access OperationsThis weakness occurs when a single function or method performs an excessive number of file or database operations, such as repeated reads, writes, or queries. It over-relies on a single data manager or file resource, creating a tightly coupled and fragile code structure.
CWE-1085Invokable Control Element with Excessive Volume of Commented-out CodeThis weakness occurs when a callable function, method, or procedure contains a large amount of inactive, commented-out code within its implementation body.
CWE-1086Class with Excessive Number of Child ClassesThis weakness occurs when a parent class has an excessive number of child classes that inherit from it, creating a deep and overly complex inheritance tree.
CWE-1087Class with Virtual Method without a Virtual DestructorThis occurs when a class defines a virtual method but does not also provide a virtual destructor.
CWE-1088Synchronous Access of Remote Resource without TimeoutThis vulnerability occurs when an application makes a synchronous call to a remote service or resource but does not set a timeout, or sets an infinite one. This leaves the application waiting indefinitely for a response.
CWE-1089Large Data Table with Excessive Number of IndicesThis weakness occurs when an application uses a database table with a very large number of rows and creates too many indexes on it, degrading overall system performance.
CWE-1090Method Containing Access of a Member Element from Another ClassThis weakness occurs when a method in one class directly accesses a private or internal member (like a field or property) of a different class, bypassing proper interfaces.
CWE-1091Use of Object without Invoking Destructor MethodThis weakness occurs when a program accesses an object but fails to properly call its destructor or finalizer method. This leaves the cleanup of the object's resources to the system's automatic garbage collection, which may not happen immediately or predictably.
CWE-1092Use of Same Invokable Control Element in Multiple Architectural LayersThis weakness occurs when the same piece of code or control logic is duplicated across different architectural layers of an application, such as the presentation, business, and data layers.
CWE-1094Excessive Index Range Scan for a Data ResourceThis weakness occurs when a database query performs an index range scan that can access an unnecessarily large number of rows from a substantial data table, leading to severe performance degradation.
CWE-1095Loop Condition Value Update within the LoopThis vulnerability occurs when a loop's exit condition depends on a variable that is also modified inside the loop body. This creates a complex and often unpredictable control flow that is difficult to analyze.
CWE-1097Persistent Storable Data Element without Associated Comparison Control ElementThis weakness occurs when a persistent data object lacks the necessary methods to be properly compared, which can lead to inconsistent or incorrect behavior when the system checks for equality or manages collections.
CWE-1098Data Element containing Pointer Item without Proper Copy Control ElementThis weakness occurs when a data structure contains a pointer, but the code lacks proper methods to copy or initialize that pointer safely.
CWE-1099Inconsistent Naming Conventions for IdentifiersThis weakness occurs when a codebase uses mixed naming styles for elements like variables, functions, data types, or files, creating an inconsistent and confusing structure.
CWE-1100Insufficient Isolation of System-Dependent FunctionsThis weakness occurs when an application fails to separate its core logic from functions that depend on a specific operating system, hardware, or external platform. Instead of being contained in dedicated modules, these system-dependent calls are scattered throughout the codebase.
CWE-1101Reliance on Runtime Component in Generated CodeThis vulnerability occurs when software depends on automatically generated code that requires a specific, often external, runtime component to function. Without this component, the code cannot execute, creating a fragile and non-portable foundation.
CWE-1102Reliance on Machine-Dependent Data RepresentationThis weakness occurs when software directly depends on how a specific machine, processor, or operating system represents data in memory. Code that makes assumptions about byte order, data type sizes, or memory alignment becomes fragile and non-portable.
CWE-1103Use of Platform-Dependent Third Party ComponentsThis weakness occurs when software depends on third-party libraries or components that behave differently or lack support across various target platforms or operating systems.
CWE-1104Use of Unmaintained Third Party ComponentsThis weakness occurs when software depends on third-party libraries, frameworks, or modules that are no longer actively updated or supported by their creators or a trusted maintainer.
CWE-1105Insufficient Encapsulation of Machine-Dependent FunctionalityThis weakness occurs when an application relies on hardware-specific or platform-dependent features but fails to isolate that code from the rest of the system. This poor separation creates tight coupling between the core logic and low-level machine details.
CWE-1106Insufficient Use of Symbolic ConstantsThis weakness occurs when developers embed raw numbers or text strings directly in code instead of using named symbolic constants, making future updates and maintenance more difficult.
CWE-1107Insufficient Isolation of Symbolic Constant DefinitionsThis weakness occurs when a codebase uses symbolic constants (like named values for numbers or strings) but scatters their definitions across many files instead of centralizing them in one isolated location, such as a dedicated configuration file or module.
CWE-1108Excessive Reliance on Global VariablesThis weakness occurs when a codebase depends too heavily on global variables to store and manage state, rather than keeping data within appropriate local scopes like functions or classes.
CWE-1109Use of Same Variable for Multiple PurposesThis weakness occurs when a single variable is reused to handle multiple, unrelated tasks or to store different pieces of data throughout the code. This practice muddies the variable's purpose and makes the logic harder to follow.
CWE-1110Incomplete Design DocumentationThis vulnerability occurs when a system's design documentation is missing critical details about how the software actually works. Key omissions include unclear control flow, undefined data movement, missing system startup procedures, vague component relationships, or unexplained design decisions.
CWE-1111Incomplete I/O DocumentationThis weakness occurs when a product's documentation fails to clearly and completely define its inputs, outputs, or how it interacts with other systems or software components.
CWE-1112Incomplete Documentation of Program ExecutionThis weakness occurs when a system's documentation fails to completely list all the ways its behavior can be controlled or changed during execution.
CWE-1113Inappropriate Comment StyleThis weakness occurs when source code comments are written in a style or format that doesn't match the project's established standards or common conventions for the language.
CWE-1114Inappropriate Whitespace StyleThis weakness occurs when source code uses inconsistent or non-standard whitespace formatting, such as irregular indentation, spacing, or line breaks.
CWE-1115Source Code Element without Standard PrologueThis weakness occurs when source code files or modules lack a consistent, standardized header or prologue that the development team has agreed upon.
CWE-1116Inaccurate CommentsThis weakness occurs when code comments do not correctly describe or explain the actual behavior of the associated code. Misleading comments create a disconnect between what the documentation says and what the program actually does.
CWE-1117Callable with Insufficient Behavioral SummaryThis weakness occurs when a function, method, or API lacks clear documentation about its behavior. The signature or comments fail to properly explain what inputs it expects, what outputs it returns, what side effects it causes, or what assumptions it makes.
CWE-1118Insufficient Documentation of Error Handling TechniquesThis weakness occurs when software documentation fails to clearly explain how the system manages errors, exceptions, or unexpected conditions. Developers are left guessing about the proper handling mechanisms.
CWE-1119Excessive Use of Unconditional BranchingThis weakness occurs when code relies heavily on unconditional jumps like 'goto' statements, making the program flow difficult to follow.
CWE-112Missing XML ValidationThis vulnerability occurs when an application processes XML data from an untrusted source without first validating its structure and content against a defined schema.
CWE-1121Excessive McCabe Cyclomatic ComplexityThis weakness occurs when a function or method has an overly complex control flow, measured by a high McCabe Cyclomatic Complexity score. This makes the code difficult to read, test, and maintain.
CWE-1122Excessive Halstead ComplexityThis weakness occurs when code has an excessively high Halstead complexity score, indicating it is overly intricate and difficult to analyze.
CWE-1123Excessive Use of Self-Modifying CodeThe software relies heavily on code that rewrites itself during execution, making it difficult to analyze and maintain.
CWE-1124Excessively Deep NestingThis weakness occurs when a function, method, or code block contains too many levels of nested loops, conditionals, or other control structures, making the logic path difficult to follow.
CWE-1125Excessive Attack SurfaceThis weakness occurs when a software product has an unnecessarily large number of entry and exit points that an attacker can target, exceeding a reasonable and secure threshold.
CWE-1126Declaration of Variable with Unnecessarily Wide ScopeThis weakness occurs when a variable is declared with a broader scope than it actually needs, such as declaring a variable at a global or function level when it's only used inside a loop or conditional block.
CWE-1127Compilation with Insufficient Warnings or ErrorsThis weakness occurs when source code is compiled without enabling a comprehensive set of warning flags from the compiler. This practice allows subtle bugs, insecure coding patterns, and quality issues to go undetected during the build process.
CWE-115Misinterpretation of InputThis vulnerability occurs when software incorrectly interprets or processes input data, leading to unintended and potentially harmful security consequences. The flawed interpretation can come from user-provided data, external systems, or other components.
CWE-117Improper Output Neutralization for LogsThis vulnerability occurs when an application creates log entries using unvalidated external data, allowing attackers to inject malicious characters or commands that can corrupt log files, trigger parsing errors, or enable log injection attacks.
CWE-1173Improper Use of Validation FrameworkThis vulnerability occurs when a software application either fails to use or incorrectly implements a built-in or library-provided input validation framework.
CWE-1188Initialization of a Resource with an Insecure DefaultThis vulnerability occurs when software uses an insecure default setting or value for a resource, assuming an administrator will change it later.
CWE-1189Improper Isolation of Shared Resources on System-on-a-Chip (SoC)This vulnerability occurs when a System-on-a-Chip (SoC) fails to properly separate shared hardware resources between secure (trusted) and non-secure (untrusted) components.
CWE-1190DMA Device Enabled Too Early in Boot PhaseThis vulnerability occurs when a device with Direct Memory Access (DMA) capability is activated before the system's security settings are fully locked in during the boot process. This oversight can let an attacker bypass normal protections to read sensitive data from memory or escalate their privileges on the system.
CWE-1191On-Chip Debug and Test Interface With Improper Access ControlThis vulnerability occurs when a hardware chip's debug or test interface (like JTAG) lacks proper access controls. Without correct authorization checks, unauthorized users can read or modify sensitive internal registers and bypass the chip's built-in security protections.
CWE-1192Improper Identifier for IP Block used in System-On-Chip (SOC)This weakness occurs when a System-on-Chip (SoC) lacks a secure, unique, and permanent identifier for its internal hardware components (IP blocks). Without this, the system cannot reliably distinguish between different parts of the chip, leading to security and reliability failures.
CWE-1193Power-On of Untrusted Execution Core Before Enabling Fabric Access ControlThis vulnerability occurs when a system powers up hardware components containing untrusted firmware before establishing critical security controls for the system's internal communication pathways and memory.
CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')This vulnerability occurs when a program copies data from one memory location to another without first verifying that the source data will fit within the destination buffer's allocated space.
CWE-1204Generation of Weak Initialization Vector (IV)This vulnerability occurs when software uses a weak or predictable Initialization Vector (IV) for cryptographic operations. Many encryption algorithms require IVs to be both unique and unpredictable to ensure security, and failing to meet these requirements can compromise the entire encryption process.
CWE-1209Failure to Disable Reserved BitsThis vulnerability occurs when reserved bits in a hardware design are left active in production. Designers sometimes use these bits for debugging or future features, but if not disabled, attackers can manipulate them to compromise the hardware's state.
CWE-1220Insufficient Granularity of Access ControlThis vulnerability occurs when a system's access controls are too broad, allowing unauthorized users or processes to read or modify sensitive resources. Instead of implementing precise, fine-grained permissions, the security policy uses overly permissive rules that fail to properly restrict access to critical assets like configuration data, keys, or system registers.
CWE-1221Incorrect Register Defaults or Module ParametersThis vulnerability occurs when hardware description language (HDL) code sets insecure default values for hardware registers or configurable module parameters. These hardcoded values leave the hardware in an unsafe state after a reset, creating a permanent security weakness that software cannot patch.
CWE-1223Race Condition for Write-Once AttributesThis vulnerability occurs when an untrusted software component wins a race condition and writes to a hardware register before the trusted component can, permanently locking in an insecure value because the register is designed to be written only once.
CWE-1224Improper Restriction of Write-Once Bit FieldsThis vulnerability occurs when hardware write-once protection mechanisms, often called 'sticky bits,' are incorrectly implemented, allowing software to reprogram them multiple times.
CWE-123Write-what-where ConditionA write-what-where condition occurs when an attacker can control both the data written and the exact memory location where it's written, often due to a severe memory corruption flaw like a buffer overflow.
CWE-1230Exposure of Sensitive Information Through MetadataThis vulnerability occurs when an application protects the primary source of sensitive data but fails to secure the metadata derived from it. Attackers can then access this secondary information, which may leak critical details about the original content.
CWE-1231Improper Prevention of Lock Bit ModificationThis vulnerability occurs when hardware or firmware uses a lock bit to protect critical system registers or memory regions, but fails to properly prevent that lock bit from being changed after it has been enabled. This design flaw allows attackers to bypass hardware-enforced security restrictions.
CWE-1232Improper Lock Behavior After Power State TransitionThis vulnerability occurs when a hardware lock bit, designed to protect critical system configuration registers, is improperly reset or becomes programmable after a device transitions between power states, such as entering or waking from a low-power sleep mode. This allows the protected configuration to be altered after it should be permanently locked.
CWE-1233Security-Sensitive Hardware Controls with Missing Lock Bit ProtectionThis vulnerability occurs when a hardware device uses a lock bit to protect critical configuration registers, but the lock fails to prevent writes to all registers that can alter the protected system settings. Essentially, the security mechanism is incomplete, allowing software to bypass it and modify sensitive hardware configurations.
CWE-1234Hardware Internal or Debug Modes Allow Override of LocksHardware debug modes or internal states can bypass critical system lock protections, allowing unauthorized changes to device configuration.
CWE-1235Incorrect Use of Autoboxing and Unboxing for Performance Critical OperationsThis weakness occurs when a program relies on automatic boxing and unboxing of primitive types within performance-sensitive code sections, causing unnecessary computational overhead and potential resource strain.
CWE-1236Improper Neutralization of Formula Elements in a CSV FileThis vulnerability occurs when an application writes user-supplied data into a CSV file without properly sanitizing special characters. Spreadsheet programs like Excel or Google Sheets interpret entries starting with '=' as executable formulas, which can lead to malicious command execution when the file is opened.
CWE-124Buffer Underwrite ('Buffer Underflow')A buffer underwrite, also known as buffer underflow, happens when a program writes data to a memory location before the official start of a buffer.
CWE-1240Use of a Cryptographic Primitive with a Risky ImplementationThis weakness occurs when a product uses a custom, unverified, or non-compliant implementation of a cryptographic algorithm instead of a trusted, standard solution.
CWE-1241Use of Predictable Algorithm in Random Number GeneratorThis vulnerability occurs when a device or application relies on a predictable algorithm to generate pseudo-random numbers, making the output sequence foreseeable.
CWE-1242Inclusion of Undocumented Features or Chicken BitsThis vulnerability occurs when a hardware device or chip includes undocumented configuration bits (often called 'chicken bits') or hidden features that can disable security controls or enable privileged functions.
CWE-1243Sensitive Non-Volatile Information Not Protected During DebugThis vulnerability occurs when security-critical data stored in hardware fuses is left unprotected and accessible during debug modes.
CWE-1244Internal Asset Exposed to Unsafe Debug Access Level or StateThis vulnerability occurs when a system's debug or test interface supports multiple access levels, but an internal asset is incorrectly assigned a permissive debug access level. This mistake allows untrusted debug agents to access sensitive internal assets they should not be able to reach.
CWE-1245Improper Finite State Machines (FSMs) in Hardware LogicThis vulnerability occurs when hardware logic contains flawed Finite State Machines (FSMs). Attackers can exploit these design errors to force the system into an undefined or unstable condition, potentially leading to a denial of service (DoS) or allowing privilege escalation.
CWE-1246Improper Write Handling in Limited-write Non-Volatile MemoriesThis vulnerability occurs when a system fails to properly manage write operations on memory hardware that has a limited lifespan, such as Flash or EEPROM. Without correct wear leveling, specific memory cells wear out faster than intended, leading to premature device failure.
CWE-1247Improper Protection Against Voltage and Clock GlitchesThis vulnerability occurs when a hardware device lacks proper physical safeguards against deliberate electrical manipulation. Without dedicated protection circuits or sensors, attackers can use voltage spikes or irregular clock signals to bypass security features, potentially exposing sensitive data or taking control of the system.
CWE-1248Semiconductor Defects in Hardware Logic with Security-Sensitive ImplicationsA security-critical hardware component contains physical flaws in its semiconductor material, which can cause it to malfunction and undermine its security features.
CWE-1249Application-Level Admin Tool with Inconsistent View of Underlying Operating SystemThis vulnerability occurs when an administrative tool (like a web interface or API) fails to accurately display the true state of the underlying operating system it manages. The tool's view becomes inconsistent with reality, hiding critical resources like user accounts, processes, or files from the administrator.
CWE-125Out-of-bounds ReadAn out-of-bounds read occurs when software accesses memory outside the boundaries of a buffer, array, or similar data structure, reading data it wasn't intended to see.
CWE-1250Improper Preservation of Consistency Between Independent Representations of Shared StateThis vulnerability occurs when a system with multiple independent components (like distributed services or separate hardware units) each maintain their own copy of shared data—such as user state, cache, or configuration—but the system fails to keep all these local copies synchronized and consistent with each other.
CWE-1251Mirrored Regions with Different ValuesThis vulnerability occurs when a system maintains duplicate copies of data or resources (like cached memory or shadow registers) but fails to keep them synchronized. When mirrored regions hold different values, it can lead to incorrect system behavior, data corruption, or security breaches.
CWE-1252CPU Hardware Not Configured to Support Exclusivity of Write and Execute OperationsThis vulnerability occurs when a CPU's hardware is not set up to enforce a strict separation between writing data to memory and executing instructions from it. Without this hardware-level protection, attackers can potentially write malicious code into memory and then run it.
CWE-1253Incorrect Selection of Fuse ValuesThis vulnerability occurs when a hardware security fuse is incorrectly programmed to represent a 'secure' state as logic 0 (unblown). An attacker can permanently force the system into an insecure mode simply by blowing the fuse, which flips its value to logic 1.
CWE-1254Incorrect Comparison Logic GranularityThis vulnerability occurs when a system compares sensitive data, like passwords or authentication tokens, piece-by-piece instead of as a complete unit. If the comparison stops at the first mismatch, attackers can measure tiny timing differences to gradually guess the correct value.
CWE-1256Improper Restriction of Software Interfaces to Hardware FeaturesThis vulnerability occurs when a system's software interfaces to hardware features—like power, clock, or performance management—are not properly locked down. This allows attackers to misuse these interfaces from software to tamper with hardware memory or registers, or to gather sensitive data by observing physical side effects, without needing physical access to the device.
CWE-1257Improper Access Control Applied to Mirrored or Aliased Memory RegionsThis vulnerability occurs when a hardware design maps the same physical memory to multiple addresses (aliasing or mirroring) but fails to apply consistent read/write permissions across all these addresses. An attacker blocked from accessing a protected memory region might still reach the same data through its unprotected aliased address, bypassing security controls.
CWE-1258Exposure of Sensitive System Information Due to Uncleared Debug InformationThis vulnerability occurs when hardware fails to erase sensitive data like cryptographic keys and intermediate values before entering debug mode, leaving them exposed.
CWE-1259Improper Restriction of Security Token AssignmentThis vulnerability occurs when a System-on-a-Chip (SoC) fails to properly secure its Security Token mechanism. These tokens control which actions different system components are allowed to perform, but inadequate protection allows them to be manipulated.
CWE-1260Improper Handling of Overlap Between Protected Memory RangesThis vulnerability occurs when a system incorrectly allows different memory protection ranges to overlap. This flaw can let attackers bypass security controls and access restricted memory areas.
CWE-1261Improper Handling of Single Event UpsetsThis vulnerability occurs when hardware logic fails to properly manage single-event upsets (SEUs), which are temporary bit flips caused by environmental factors.
CWE-1262Improper Access Control for Register InterfaceThis vulnerability occurs when a system's hardware registers, which act as a software-to-hardware control panel, lack proper access restrictions. Malicious or flawed software can directly manipulate these registers, leading to unauthorized changes in hardware behavior.
CWE-1264Hardware Logic with Insecure De-Synchronization between Control and Data ChannelsThis vulnerability occurs when a hardware design incorrectly forwards data before its security or permission checks have finished processing. It's a timing flaw where the data channel gets ahead of the control channel, potentially leaking information.
CWE-1265Unintended Reentrant Invocation of Non-reentrant Code Via Nested CallsThis vulnerability occurs when a non-reentrant function is called, and during its execution, another call is triggered that unexpectedly re-enters the same non-reentrant code path, corrupting its internal state.
CWE-1266Improper Scrubbing of Sensitive Data from Decommissioned DeviceThis vulnerability occurs when a system lacks a reliable method for administrators to permanently erase sensitive information before taking hardware or software out of service. The data scrubbing feature might be missing, ineffective, or flawed, leaving confidential data behind.
CWE-1267Policy Uses Obsolete EncodingThis vulnerability occurs when a hardware system uses outdated or deprecated encoding methods to enforce security policies and access controls.
CWE-1268Policy Privileges are not Assigned Consistently Between Control and Data AgentsThis vulnerability occurs when hardware access control policies are inconsistent, allowing an agent with control privileges to modify write permissions even when it shouldn't have direct write access.
CWE-1269Product Released in Non-Release ConfigurationThis vulnerability occurs when a product ships to customers while still configured with its pre-production or manufacturing settings, which typically include powerful debugging and testing features not intended for real-world use.
CWE-1270Generation of Incorrect Security TokensThis vulnerability occurs when a system's security token mechanism, designed to control permissions for different entities or agents, generates tokens that are fundamentally flawed or incorrect.
CWE-1271Uninitialized Value on Reset for Registers Holding Security SettingsSecurity-critical hardware registers start with random, unpredictable values when a device powers on or resets, creating an immediate vulnerability window before software can initialize them.
CWE-1272Sensitive Information Uncleared Before Debug/Power State TransitionThis vulnerability occurs when a device changes its power mode or enters a debug state but fails to wipe sensitive data that should become inaccessible after the transition.
CWE-1273Device Unlock Credential SharingThis vulnerability occurs when the secret keys or passwords required to unlock a device's hidden features are shared between multiple organizations, creating a chain of trust where sensitive access can be leaked.
CWE-1274Improper Access Control for Volatile Memory Containing Boot CodeThis vulnerability occurs when a system's secure-boot process loads bootloader code into volatile memory (like DRAM or SRAM) but fails to properly lock down that memory region afterward. Without strong access controls, an attacker can modify the boot code in memory, bypassing secure boot and running malicious software.
CWE-1276Hardware Child Block Incorrectly Connected to Parent SystemThis vulnerability occurs when a hardware component (IP block) is wired incorrectly to the main system, creating hidden security flaws even if basic functions appear to work.
CWE-1277Firmware Not UpdateableThis vulnerability occurs when a hardware product lacks a mechanism for users to install firmware updates, leaving known security flaws permanently unpatched.
CWE-1278Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging TechniquesThis vulnerability occurs when hardware lacks safeguards against physical inspection, allowing attackers to extract sensitive data by capturing and analyzing high-resolution images of the integrated circuit's internal structure.
CWE-1279Cryptographic Operations are run Before Supporting Units are ReadyThis vulnerability occurs when cryptographic processes start before their required dependencies are properly initialized and ready to supply valid data, potentially compromising security.
CWE-128Wrap-around ErrorA wrap-around error happens when a variable exceeds the maximum value its data type can hold, causing it to unexpectedly reset to a very small, negative, or undefined number instead of increasing further.
CWE-1280Access Control Check Implemented After Asset is AccessedThis vulnerability occurs when a hardware-based security check runs after the protected resource has already been accessed, creating a dangerous timing window.
CWE-1281Sequence of Processor Instructions Leads to Unexpected BehaviorCertain sequences of valid and invalid processor instructions can cause the CPU to lock up or behave unpredictably, often requiring a hard reset to recover.
CWE-1282Assumed-Immutable Data is Stored in Writable MemoryThis vulnerability occurs when data that should be permanent and unchangeable—like a bootloader, device IDs, or one-time configuration settings—is placed in memory that can be rewritten or updated after deployment.
CWE-1283Mutable Attestation or Measurement Reporting DataThis vulnerability occurs when the hardware registers storing boot integrity measurements can be altered by an attacker, allowing them to forge verification data and hide a compromised boot process.
CWE-1284Improper Validation of Specified Quantity in InputThis vulnerability occurs when an application accepts user input meant to define a quantity—like a number, size, or count—but fails to properly check if that value is safe and reasonable before using it.
CWE-1285Improper Validation of Specified Index, Position, or Offset in InputThis vulnerability occurs when software accepts user input to determine a location—like an array index, file position, or memory offset—but fails to properly check if that location is safe and valid before using it.
CWE-1286Improper Validation of Syntactic Correctness of InputThis vulnerability occurs when software expects input in a specific, well-structured format but fails to properly check that the incoming data actually follows those rules.
CWE-1287Improper Validation of Specified Type of InputThis vulnerability occurs when software expects a specific type of data as input but fails to properly check that the incoming data actually matches that type.
CWE-1288Improper Validation of Consistency within InputThis vulnerability occurs when an application accepts structured input containing multiple related fields but fails to verify that the values across those fields are logically consistent with each other.
CWE-1289Improper Validation of Unsafe Equivalence in InputThis vulnerability occurs when an application accepts user input as a reference (like a file path or resource identifier) but fails to properly check if that input is functionally equivalent to a dangerous or restricted value.
CWE-1290Incorrect Decoding of Security Identifiers This vulnerability occurs when a hardware decoder incorrectly interprets security identifiers in bus transactions, allowing untrusted agents to gain unauthorized access to protected assets.
CWE-1291Public Key Re-Use for Signing both Debug and Production CodeThis vulnerability occurs when the same cryptographic key is used to sign both development/debug software builds and final production releases. This insecure practice allows debug versions, which often contain powerful diagnostic features, to be validated and run on live production systems.
CWE-1292Incorrect Conversion of Security IdentifiersThis vulnerability occurs when a hardware system incorrectly translates security identifiers during bus protocol conversion. An improper mapping allows untrusted agents to bypass security checks and gain unauthorized access to protected assets or functions.
CWE-1293Missing Source Correlation of Multiple Independent DataThis vulnerability occurs when a system trusts a single source of data without verification, making it impossible to detect if that source has been tampered with or compromised by an attacker.
CWE-1295Debug Messages Revealing Unnecessary InformationThe product's debug messages or logs expose excessive internal system details, potentially revealing sensitive information that could aid an attacker.
CWE-1296Incorrect Chaining or Granularity of Debug ComponentsThis vulnerability occurs when hardware debug components, such as test ports and scan chains, are incorrectly connected or organized within a chip's design. This misconfiguration can create unintended access paths, potentially exposing sensitive internal data or functions.
CWE-1297Unprotected Confidential Information on Device is Accessible by OSAT VendorsThis vulnerability occurs when a semiconductor chip does not properly secure sensitive data, making it accessible to third-party Outsourced Semiconductor Assembly and Test (OSAT) vendors during the manufacturing process.
CWE-1298Hardware Logic Contains Race ConditionsA hardware race condition occurs when security-critical logic circuits receive signals at slightly different times, creating temporary glitches that can bypass system protections.
CWE-1299Missing Protection Mechanism for Alternate Hardware InterfaceThis vulnerability occurs when a hardware component's security controls only protect the primary access path, leaving alternate interfaces unprotected. Attackers can bypass intended restrictions by accessing sensitive assets through these unguarded backdoors, such as shadow registers or other external-facing ports.
CWE-130Improper Handling of Length Parameter InconsistencyThis vulnerability occurs when a program reads a structured data packet or message but fails to properly validate that the declared length field matches the actual amount of data provided.
CWE-1300Improper Protection of Physical Side ChannelsThis vulnerability occurs when a hardware device lacks adequate safeguards against physical side-channel attacks. Attackers can exploit measurable patterns in power usage, electromagnetic radiation, or even sound emissions to uncover sensitive information like encryption keys.
CWE-1301Insufficient or Incomplete Data Removal within Hardware ComponentThe product's data removal process fails to completely erase all data from hardware components, potentially leaving sensitive information behind.
CWE-1302Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to unintended access or system failure.
CWE-1303Non-Transparent Sharing of Microarchitectural ResourcesThis vulnerability occurs when a processor's internal performance features, like caches and branch predictors, are unintentionally shared between different software contexts. This breaks the expected isolation, allowing data to leak across security boundaries.
CWE-1304Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore OperationThis vulnerability occurs when a hardware component saves its configuration state during a power-down operation but fails to protect or verify the integrity of that saved data before restoring it. As a result, an attacker can tamper with the stored settings, leading to a compromised state when the device powers back on.
CWE-131Incorrect Calculation of Buffer SizeThis vulnerability occurs when a program miscalculates the amount of memory needed for a buffer, potentially leading to a buffer overflow that can crash the software or allow attackers to execute malicious code.
CWE-1310Missing Ability to Patch ROM CodeA system or System-on-Chip (SoC) lacks a mechanism to update its initial boot code stored in Read-Only Memory (ROM), permanently exposing devices to unfixable security vulnerabilities.
CWE-1311Improper Translation of Security Attributes by Fabric BridgeThis vulnerability occurs when a hardware bridge incorrectly converts security attributes between different fabric protocols, potentially changing a transaction's identity from trusted to untrusted or vice versa during protocol translation.
CWE-1312Missing Protection for Mirrored Regions in On-Chip Fabric FirewallAn on-chip fabric firewall fails to apply its security rules to mirrored memory or MMIO regions, only protecting the primary address range. This allows attackers to bypass read/write restrictions by targeting the unprotected mirrored copies.
CWE-1313Hardware Allows Activation of Test or Debug Logic at RuntimeThis vulnerability occurs when hardware includes test or debug features that remain accessible during normal operation. An attacker can activate these features at runtime to alter the hardware's state, bypass security controls, and potentially leak or manipulate sensitive data.
CWE-1314Missing Write Protection for Parametric Data ValuesThis vulnerability occurs when a hardware device fails to protect the scaling parameters used to convert raw sensor readings. Untrusted software can alter these conversion factors, making dangerous conditions appear safe and potentially leading to hardware damage or system failure.
CWE-1315Improper Setting of Bus Controlling Capability in Fabric End-pointThis vulnerability occurs when a hardware fabric endpoint is incorrectly configured to grant bus controller privileges to a device that should only respond to requests. This allows an unauthorized device to initiate and control data transactions across the system bus.
CWE-1316Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected RangesThis vulnerability occurs when a hardware fabric's address map incorrectly allows protected and unprotected memory regions to overlap. Attackers can exploit this overlap to bypass security controls and access restricted data or functions.
CWE-1317Improper Access Control in Fabric BridgeThis vulnerability occurs when a hardware fabric bridge, which connects different IP blocks on a chip, fails to properly verify access permissions for transactions passing through it. The bridge forwards requests without checking the master's privilege level or the hardware identity, effectively bypassing critical security controls.
CWE-1318Missing Support for Security Features in On-chip Fabrics or BusesThis vulnerability occurs when the communication channels (fabrics or buses) within a chip lack built-in or enabled security features, such as privilege separation or access controls, leaving data transfers unprotected.
CWE-1319Improper Protection against Electromagnetic Fault Injection (EM-FI)This vulnerability occurs when a hardware device lacks sufficient shielding against electromagnetic interference, allowing attackers to disrupt its internal operations. By inducing targeted electromagnetic pulses, an attacker can force the device to malfunction, potentially bypassing security checks or leaking sensitive data.
CWE-1320Improper Protection for Outbound Error Messages and Alert SignalsThis vulnerability occurs when hardware alert systems for critical conditions, like overheating or power surges, lack proper security. Untrusted software or agents can disable these warnings or trigger false alarms, preventing the system from taking protective actions.
CWE-1322Use of Blocking Code in Single-threaded, Non-blocking ContextThis vulnerability occurs when an application designed to be single-threaded and non-blocking, for performance and scalability, inadvertently executes code that can block the entire process. If an attacker can trigger this blocking code, it can cause the application to freeze, leading to a denial of service.
CWE-1323Improper Management of Sensitive Trace DataThis vulnerability occurs when sensitive trace data from a System-on-Chip (SoC), such as information from CPUs or cryptographic modules, is stored in unsecured memory or transmitted to unauthorized debuggers, potentially exposing confidential information.
CWE-1325Improperly Controlled Sequential Memory AllocationThis vulnerability occurs when a system allocates memory separately for each item in a collection but fails to enforce a global limit on the total memory used by all items combined.
CWE-1326Missing Immutable Root of Trust in HardwareThis vulnerability occurs when a hardware chip lacks a permanent, unchangeable root of trust. Without this immutable foundation, attackers can bypass secure boot protections and run unauthorized or malicious code during the system startup process.
CWE-1327Binding to an Unrestricted IP AddressThis vulnerability occurs when software or a service is configured to bind to the IP address 0.0.0.0 (or :: in IPv6), which acts as a wildcard, accepting connections from any network interface on the host system.
CWE-1328Security Version Number Mutable to Older VersionsThis vulnerability occurs when a hardware system's security version number can be changed, allowing an attacker to downgrade or roll back the boot firmware to older, vulnerable versions.
CWE-1329Reliance on Component That is Not UpdateableThis vulnerability occurs when a product depends on a component that cannot be updated or patched to fix security flaws or critical bugs.
CWE-1331Improper Isolation of Shared Resources in Network On Chip (NoC)This vulnerability occurs when a Network on Chip (NoC) fails to properly separate its internal, shared resources—like buffers, switches, and channels—between trusted and untrusted components. This lack of isolation creates a timing side-channel, allowing untrusted agents to potentially infer sensitive data from trusted ones.
CWE-1332Improper Handling of Faults that Lead to Instruction SkipsThis vulnerability occurs when a hardware device lacks or incorrectly implements the necessary circuitry or sensors to detect and respond to the skipping of critical security instructions during CPU execution.
CWE-1333Inefficient Regular Expression ComplexityThis vulnerability occurs when an application uses a poorly constructed regular expression that can trigger catastrophic backtracking, leading to extreme CPU consumption and potential denial-of-service.
CWE-1334Unauthorized Error Injection Can Degrade Hardware RedundancyThis vulnerability occurs when an attacker without proper permissions can deliberately inject faults into a hardware system's backup components. This action disables the redundancy, forcing the system into a less secure, degraded state.
CWE-1335Incorrect Bitwise Shift of IntegerThis vulnerability occurs when a program attempts to shift an integer's bits by an invalid amount—either a negative number or a value equal to or greater than the integer's bit width (e.g., shifting a 32-bit integer by 32 or more places). This leads to unpredictable and platform-dependent results.
CWE-1336Improper Neutralization of Special Elements Used in a Template EngineThis vulnerability occurs when an application uses a template engine to process user-controlled input but fails to properly sanitize special syntax characters. Attackers can inject template expressions or directives that the engine executes, leading to unintended code execution.
CWE-1338Improper Protections Against Hardware OverheatingThis vulnerability occurs when a hardware device lacks sufficient safeguards to prevent dangerous temperature increases during operation.
CWE-1339Insufficient Precision or Accuracy of a Real NumberThis vulnerability occurs when a program uses a data type or algorithm that cannot accurately represent or calculate the fractional part of a real number, leading to incorrect results in security-critical operations.
CWE-134Use of Externally-Controlled Format StringThis vulnerability occurs when a program uses a format string from an untrusted, external source (like user input, a network packet, or a file) in a formatting function (e.g., printf, sprintf). An attacker can craft a malicious format string to read or write memory, potentially crashing the application or executing arbitrary code.
CWE-1341Multiple Releases of Same Resource or HandleThis vulnerability occurs when a program incorrectly tries to close or release the same system resource—like memory, a file, or a network connection—more than once. This double-free or double-close violates the API's contract and leads to unpredictable and often dangerous behavior.
CWE-1342Information Exposure through Microarchitectural State after Transient ExecutionThis vulnerability occurs when a CPU fails to completely erase temporary data traces left behind by speculative execution or error recovery processes. These lingering microarchitectural hints can be analyzed through side-channels to leak sensitive information.
CWE-135Incorrect Calculation of Multi-Byte String LengthThis vulnerability occurs when software incorrectly measures the length of strings containing multi-byte or wide characters, leading to buffer overflows, data corruption, or crashes.
CWE-1351Improper Handling of Hardware Behavior in Exceptionally Cold EnvironmentsThis weakness occurs when a hardware device or its firmware lacks proper safeguards to maintain security functions when operated in extremely cold temperatures. Designers may fail to anticipate how critical components, like memory or security primitives, behave outside their standard operating range, creating exploitable gaps.
CWE-1386Insecure Operation on Windows Junction / Mount PointThis vulnerability occurs when a Windows application opens a file or directory without properly validating that the path is not a symbolic link (junction or mount point) pointing to a location outside the application's intended security boundary.
CWE-1389Incorrect Parsing of Numbers with Different RadicesThis vulnerability occurs when software processes numeric input expecting standard decimal numbers (base 10), but fails to handle inputs formatted in other bases like octal or hexadecimal. This mismatch leads to the system interpreting the same digits as a completely different numeric value.
CWE-1392Use of Default CredentialsThis vulnerability occurs when a system, device, or application relies on pre-configured, publicly known credentials like passwords or encryption keys for access to critical functions.
CWE-1393Use of Default PasswordThis vulnerability occurs when a system or device uses a pre-configured, publicly known password for authentication, often for administrative or critical functions.
CWE-1394Use of Default Cryptographic KeyThis vulnerability occurs when a system uses a pre-configured, publicly known cryptographic key for security-critical operations instead of generating a unique one.
CWE-140Improper Neutralization of DelimitersThis vulnerability occurs when an application fails to properly handle or sanitize delimiter characters within data inputs, allowing them to be misinterpreted by downstream systems.
CWE-1420Exposure of Sensitive Information during Transient ExecutionTransient execution vulnerabilities occur when a processor speculatively runs operations that don't officially commit, potentially leaking sensitive data through covert side channels like cache timing.
CWE-1421Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient ExecutionThis vulnerability occurs when a processor's speculative execution (transient operations) can temporarily access restricted data from another security domain. This sensitive information can leave traces in shared hardware structures like CPU caches, where an attacker could potentially retrieve it using a covert channel attack.
CWE-1422Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient ExecutionThis vulnerability occurs when a CPU incorrectly forwards outdated or incorrect data during speculative execution. This allows sensitive information to leak through covert side-channel attacks, even when software-level protections are in place.
CWE-1423Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient ExecutionThis vulnerability occurs when separate software components, like different processes or virtual machines, share the processor's internal prediction mechanisms. An attacker can manipulate these shared predictors to trigger speculative execution in a victim component, potentially leaking sensitive data across a security boundary via covert side channels.
CWE-1426Improper Validation of Generative AI OutputThis vulnerability occurs when an application uses a generative AI model (like an LLM) but fails to properly check the AI's output before using it. Without this validation, the AI's responses might contain security flaws, harmful content, or data leaks that violate the application's intended policies.
CWE-1427Improper Neutralization of Input Used for LLM PromptingThis vulnerability occurs when an application builds prompts for a Large Language Model (LLM) using external data, but does so in a way that the LLM cannot tell the difference between the developer's intended instructions and the user's potentially malicious input. This allows an attacker to 'hijack' the prompt and make the model ignore its original guidelines.
CWE-1428Reliance on HTTP instead of HTTPSThis vulnerability occurs when an application uses unencrypted HTTP connections instead of the secure HTTPS alternative, even when HTTPS is available.
CWE-1429Missing Security-Relevant Feedback for Unexecuted Operations in Hardware InterfaceThis vulnerability occurs when a hardware interface discards operations without providing any security-relevant feedback, such as error notifications or logs. This silence prevents the timely detection of critical failures or active attacks, leaving systems vulnerable to undetected compromise.
CWE-1431Driving Intermediate Cryptographic State/Results to Hardware Module OutputsThis vulnerability occurs when a hardware cryptographic module leaks sensitive internal data through its output channels. Instead of only providing the final encrypted or decrypted result, the module inadvertently exposes intermediate calculation states or partial results via its output wires or ports.
CWE-1434Insecure Setting of Generative AI/ML Model Inference ParametersThis vulnerability occurs when a generative AI or ML model is deployed with inference parameters that are too permissive, causing it to frequently generate incorrect, nonsensical, or unpredictable outputs.
CWE-15External Control of System or Configuration SettingThis vulnerability occurs when an application allows users to directly modify critical system settings or configuration values from an external source.
CWE-166Improper Handling of Missing Special ElementThis vulnerability occurs when software expects a specific delimiter, terminator, or other special marker in its input but fails to properly handle situations where that element is absent. The application may then misinterpret boundaries, leading to crashes, data corruption, or security breaches.
CWE-167Improper Handling of Additional Special ElementThis vulnerability occurs when software receives data from another component but fails to properly process or validate unexpected special characters or control elements within that input.
CWE-168Improper Handling of Inconsistent Special ElementsThis vulnerability occurs when software fails to correctly process input containing conflicting or mismatched special elements like characters, symbols, or reserved keywords.
CWE-170Improper Null TerminationThis weakness occurs when software fails to properly end a string or array with the required null character or equivalent terminator.
CWE-178Improper Handling of Case SensitivityThis vulnerability occurs when software fails to consistently handle uppercase and lowercase letters when checking or accessing resources, leading to unpredictable behavior and security gaps.
CWE-179Incorrect Behavior Order: Early ValidationThis vulnerability occurs when an application validates user input before applying security filters or data normalization. Attackers can exploit this order of operations by submitting specially crafted input that passes the initial validation but becomes malicious after the application's filters or canonicalization processes modify it.
CWE-182Collapse of Data into Unsafe ValueThis vulnerability occurs when an application's data filtering or transformation process incorrectly merges or simplifies information, producing a result that violates security rules. Essentially, safe input gets collapsed into a dangerous value.
CWE-183Permissive List of Allowed InputsThis vulnerability occurs when an application's security filter uses an allowlist that is too broad, mistakenly permitting dangerous inputs that should have been blocked. The flawed assumption that everything on the list is safe creates a direct path for attackers to exploit the system.
CWE-184Incomplete List of Disallowed InputsThis vulnerability occurs when a security filter or validation mechanism relies on a 'denylist'—a predefined list of forbidden inputs—but that list is missing critical entries. Attackers can bypass the protection by using variations or inputs the developers didn't anticipate.
CWE-186Overly Restrictive Regular ExpressionThis weakness occurs when a regular expression is too narrow, failing to detect all the dangerous or unexpected input values it was designed to catch.
CWE-188Reliance on Data/Memory LayoutThis vulnerability occurs when software incorrectly assumes how data is structured in memory or within network packets, leading to unexpected behavior when those underlying layouts change.
CWE-190Integer Overflow or WraparoundInteger overflow or wraparound occurs when a calculation produces a numeric result that exceeds the maximum value a variable can hold. Instead of increasing as expected, the value wraps around to a very small or negative number, breaking the program's logic.
CWE-191Integer Underflow (Wrap or Wraparound)Integer underflow occurs when a subtraction operation results in a value smaller than the data type's minimum limit, causing the value to wrap around to a large, incorrect number.
CWE-193Off-by-one ErrorAn off-by-one error occurs when a program incorrectly calculates a boundary, such as a loop counter or array index, by being one unit too high or too low. This often leads to buffer overflows, memory corruption, or unexpected program behavior.
CWE-197Numeric Truncation ErrorA numeric truncation error happens when a program converts a number to a smaller data type, cutting off its higher-order bits and corrupting the original value.
CWE-201Insertion of Sensitive Information Into Sent DataThis vulnerability occurs when an application sends data to an external party, but accidentally includes sensitive information—like passwords, keys, or personal data—that the recipient should not be able to access.
CWE-202Exposure of Sensitive Information Through Data QueriesThis vulnerability occurs when an attacker uses statistical analysis on aggregated or anonymized data to uncover sensitive details about individuals, even when direct identifiers are removed.
CWE-203Observable DiscrepancyThis vulnerability occurs when an application responds differently to unauthorized users based on internal conditions. Attackers can observe these variations—like changes in error messages, timing, or system behavior—to infer sensitive information, such as whether a username exists, a password is incorrect, or a specific operation succeeded.
CWE-204Observable Response DiscrepancyThis vulnerability occurs when an application responds differently to similar requests, unintentionally leaking details about its internal state or logic to unauthorized users.
CWE-205Observable Behavioral DiscrepancyThis vulnerability occurs when an application behaves differently in ways that unauthorized users can detect. These observable differences can reveal internal system logic, state information, or how the product varies from similar applications, providing attackers with valuable clues.
CWE-208Observable Timing DiscrepancyThis vulnerability occurs when an application takes measurably different amounts of time to perform different operations, such as checking a password or processing a request. An attacker can observe these timing differences to learn sensitive information, like whether a username is valid or a cryptographic key guess is correct.
CWE-209Generation of Error Message Containing Sensitive InformationThis vulnerability occurs when an application reveals sensitive details about its internal systems, user data, or environment within error messages shown to users.
CWE-210Self-generated Error Message Containing Sensitive InformationThis vulnerability occurs when an application detects a problem and generates its own error messages that accidentally expose sensitive system or user data.
CWE-211Externally-Generated Error Message Containing Sensitive InformationThis vulnerability occurs when an application triggers an error message from an external component—like a database, interpreter, or operating system—and that error reveals sensitive details about the system's internal workings, configuration, or data.
CWE-212Improper Removal of Sensitive Information Before Storage or TransferThis vulnerability occurs when an application stores or transmits a resource containing sensitive data without properly cleaning it first, potentially exposing that information to unauthorized parties.
CWE-213Exposure of Sensitive Information Due to Incompatible PoliciesThis vulnerability occurs when a system's data handling aligns with the developer's security rules but accidentally reveals information that other stakeholders—like users or administrators—consider confidential. Essentially, the developer's policy conflicts with the security expectations of the people who use or manage the product.
CWE-214Invocation of Process Using Visible Sensitive InformationThis vulnerability occurs when a process is started with sensitive data, such as passwords or API keys, passed directly in its command-line arguments or environment variables. Because this information is often visible to other processes on the system, it can be easily exposed.
CWE-215Insertion of Sensitive Information Into Debugging CodeThis vulnerability occurs when developers embed sensitive data, such as passwords or API keys, within debugging statements like logs or console outputs, and fail to remove or disable this code before deploying to a live environment.
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')This vulnerability occurs when an application builds a file path using user input but fails to properly validate it, allowing an attacker to break out of the intended directory and access files or folders anywhere on the server.
CWE-222Truncation of Security-relevant InformationThis vulnerability occurs when a system shortens or cuts off security-critical data during display, logging, or processing. This truncation can hide the true details of an attack, making it harder to detect, investigate, and respond to threats.
CWE-223Omission of Security-relevant InformationThis vulnerability occurs when an application fails to capture or present crucial security-related details, such as the origin of a request or the specifics of a security event. Without this information, developers and security teams cannot effectively trace attacks or validate whether an operation is legitimate.
CWE-224Obscured Security-relevant Information by Alternate NameThis vulnerability occurs when a system logs or reports security-critical events using a nickname or alias for a component, instead of its official, unique identifier.
CWE-226Sensitive Information in Resource Not Removed Before ReuseThis vulnerability occurs when a system releases a resource like memory or a file for reuse but fails to erase the sensitive data it previously contained. The old information remains accessible when the resource is allocated to a new process or used in a different context.
CWE-229Improper Handling of ValuesThis vulnerability occurs when software fails to correctly process situations where input contains too few values, too many values, or undefined values for expected parameters, fields, or arguments.
CWE-23Relative Path TraversalThis vulnerability occurs when an application builds file paths using user-supplied input without properly validating or sanitizing it. Attackers can exploit this by inserting special directory traversal sequences like '..' to access files and directories outside the intended restricted folder.
CWE-233Improper Handling of ParametersThis vulnerability occurs when software fails to correctly process input that contains an unexpected number of parameters, missing fields, or undefined arguments. It often leads to crashes, unexpected behavior, or security bypasses.
CWE-237Improper Handling of Structural ElementsThis vulnerability occurs when an application fails to properly validate, sanitize, or interpret the complex internal parts of structured data, such as file headers, network packet fields, or document metadata.
CWE-240Improper Handling of Inconsistent Structural ElementsThis vulnerability occurs when a system fails to properly manage situations where related data structures or elements should match but are inconsistent.
CWE-241Improper Handling of Unexpected Data TypeThis vulnerability occurs when software fails to properly validate or safely process data that arrives in an unexpected format. For example, the system might expect a numeric input but receives text instead, leading to crashes, errors, or security issues.
CWE-242Use of Inherently Dangerous FunctionThis vulnerability occurs when code uses functions that are inherently unsafe and cannot be reliably secured, posing a direct risk to application stability and security.
CWE-248Uncaught ExceptionThis vulnerability occurs when a function throws an error or exception, but the calling code does not have a proper handler to catch and manage it.
CWE-250Execution with Unnecessary PrivilegesThis vulnerability occurs when software runs with higher permissions than it actually needs to perform its tasks. This excessive privilege creates security risks by opening doors to new attacks or making existing weaknesses more dangerous.
CWE-252Unchecked Return ValueThis vulnerability occurs when a program fails to verify the result of a function or method call, allowing it to continue execution without detecting errors or unexpected conditions.
CWE-253Incorrect Check of Function Return ValueThis vulnerability occurs when a program misinterprets or improperly validates the return value from a function, causing it to miss critical error states or unexpected conditions.
CWE-256Plaintext Storage of a PasswordThis vulnerability occurs when an application stores user passwords as readable text instead of using secure, one-way hashing. This insecure practice exposes credentials in memory, files, or databases where attackers can easily retrieve them.
CWE-257Storing Passwords in a Recoverable FormatThis vulnerability occurs when an application stores user passwords in a format that can be easily reversed or decrypted back to their original plaintext form. This practice, often called storing 'recoverable' passwords, defeats the core purpose of password protection. It allows anyone with access to the stored data—including attackers who breach the system or even malicious insiders—to obtain and reuse the actual passwords on other accounts, offering no real security advantage over storing them in plain text.
CWE-260Password in Configuration FileThis vulnerability occurs when an application stores sensitive passwords directly within a configuration file, making them easily readable to anyone with access to that file.
CWE-261Weak Encoding for PasswordUsing simple encoding like Base64 to hide a password provides no real security, as it can be easily reversed.
CWE-262Not Using Password AgingThis vulnerability occurs when a system lacks password expiration policies, allowing users to keep the same password indefinitely.
CWE-263Password Aging with Long ExpirationThe system enforces password changes, but the time allowed between changes is excessively long, weakening security.
CWE-266Incorrect Privilege AssignmentThis vulnerability occurs when a system mistakenly grants a user, process, or entity a specific permission or privilege they should not have. This error creates an unintended level of access, allowing the actor to perform actions beyond their intended authority.
CWE-267Privilege Defined With Unsafe ActionsThis vulnerability occurs when a system grants a user, role, or process a specific permission that can be misused to perform dangerous, unintended actions. The permission itself is correctly assigned, but its scope is too broad or allows for unsafe operations.
CWE-268Privilege ChainingPrivilege chaining occurs when an attacker combines two separate permissions or capabilities, neither of which is dangerous on its own, to perform a harmful action that neither permission should individually allow.
CWE-270Privilege Context Switching ErrorThis vulnerability occurs when an application fails to properly manage user permissions while moving between different security contexts, potentially allowing unauthorized actions.
CWE-272Least Privilege ViolationThis vulnerability occurs when software fails to reduce its elevated system privileges after completing a sensitive operation, leaving it with unnecessary and dangerous access rights.
CWE-273Improper Check for Dropped PrivilegesThis vulnerability occurs when an application tries to lower its system privileges but fails to verify that the operation was successful.
CWE-274Improper Handling of Insufficient PrivilegesThis vulnerability occurs when an application fails to properly manage situations where it lacks the necessary permissions to execute an action. This flawed handling can lead to crashes, data corruption, or unintended security bypasses.
CWE-276Incorrect Default PermissionsThis vulnerability occurs when software installation scripts set overly permissive file or directory access rights by default. Instead of restricting write access to authorized users or processes, the installation allows unintended actors to modify, delete, or corrupt critical application files.
CWE-280Improper Handling of Insufficient Permissions or Privileges This vulnerability occurs when a system fails to properly manage situations where it lacks the necessary permissions to perform an action or access a resource. This flawed handling can force the application into unintended states or error paths, potentially leading to crashes, data corruption, or security bypasses.
CWE-281Improper Preservation of PermissionsThis vulnerability occurs when a system fails to correctly maintain file or object permissions during operations like copying, sharing, or restoring data. As a result, these resources can end up with weaker, more permissive security settings than the original owner intended.
CWE-283Unverified OwnershipThis vulnerability occurs when an application fails to confirm that a user has legitimate ownership rights to a sensitive resource before allowing them to perform actions on it.
CWE-288Authentication Bypass Using an Alternate Path or ChannelThis vulnerability occurs when a system has a primary login requirement, but attackers can find an unprotected backdoor or alternative route that completely bypasses those checks.
CWE-289Authentication Bypass by Alternate NameThis vulnerability occurs when a system checks access based on a resource or user name, but fails to account for all the different names or aliases that could refer to the same entity, allowing attackers to bypass authentication.
CWE-290Authentication Bypass by SpoofingThis weakness occurs when an application's authentication system can be tricked into accepting forged or manipulated credentials, allowing unauthorized access without proper verification.
CWE-294Authentication Bypass by Capture-replayThis vulnerability occurs when an attacker can intercept and record legitimate authentication traffic, then replay it later to gain unauthorized access. The system accepts the replayed data as valid, effectively bypassing normal authentication checks.
CWE-295Improper Certificate ValidationThis vulnerability occurs when an application fails to properly verify the authenticity of a digital certificate, or performs the verification incorrectly, allowing untrusted connections to appear legitimate.
CWE-296Improper Following of a Certificate's Chain of TrustThis vulnerability occurs when software fails to properly validate the entire certificate chain back to a trusted root authority. This mistake can cause the system to incorrectly trust a certificate and the resource it represents, creating a security gap.
CWE-299Improper Check for Certificate RevocationThis vulnerability occurs when an application fails to properly verify whether a security certificate has been revoked, potentially allowing it to accept and use a compromised or untrustworthy certificate.
CWE-301Reflection Attack in an Authentication ProtocolA reflection attack is a flaw in mutual authentication protocols that allows an attacker to impersonate a legitimate user without knowing the secret key. This happens when an attacker can bounce, or 'reflect,' a server's own challenge back to it using a second connection, tricking the system into granting access.
CWE-302Authentication Bypass by Assumed-Immutable DataThis vulnerability occurs when an authentication system incorrectly treats certain data as unchangeable, when in fact an attacker can manipulate it to bypass login or verification checks.
CWE-303Incorrect Implementation of Authentication AlgorithmThis weakness occurs when a developer implements a standard authentication algorithm, but makes critical mistakes in the code that cause it to function incorrectly.
CWE-304Missing Critical Step in AuthenticationThis vulnerability occurs when a software authentication process omits a required step, weakening its overall security.
CWE-305Authentication Bypass by Primary WeaknessThis vulnerability occurs when a system's core authentication logic is technically correct, but an attacker can completely bypass it by exploiting a separate, more fundamental flaw in the application.
CWE-306Missing Authentication for Critical FunctionThis vulnerability occurs when a software feature that performs a sensitive action or uses significant system resources does not verify the user's identity before executing. Attackers can exploit this to trigger critical functions without any credentials.
CWE-307Improper Restriction of Excessive Authentication AttemptsThis vulnerability occurs when an application fails to properly limit how many times someone can attempt to log in or verify their identity in rapid succession, allowing attackers to systematically guess credentials.
CWE-308Use of Single-factor AuthenticationRelying solely on single-factor authentication, like a password, exposes systems to significant security risks because it depends on only one type of proof for verifying a user's identity.
CWE-309Use of Password System for Primary AuthenticationThis weakness occurs when an application relies solely on password-based authentication as its main security gate. This single-factor approach is inherently vulnerable to a range of attacks that can compromise user accounts.
CWE-312Cleartext Storage of Sensitive InformationThis vulnerability occurs when an application stores sensitive data like passwords, credit card numbers, or personal information in plain text, without any encryption. This unsecured data is kept in files, databases, caches, or logs that could be accessed by unauthorized users or systems.
CWE-319Cleartext Transmission of Sensitive InformationThis vulnerability occurs when an application sends sensitive data, such as passwords or personal information, over a network connection without using encryption. Attackers can easily intercept and read this unprotected data as it travels.
CWE-322Key Exchange without Entity AuthenticationThis vulnerability occurs when a system establishes a cryptographic key with another party without first confirming that party's true identity.
CWE-323Reusing a Nonce, Key Pair in EncryptionThis vulnerability occurs when a cryptographic nonce or key pair is reused, compromising the security of the encrypted data.
CWE-324Use of a Key Past its Expiration DateThis vulnerability occurs when an application continues to use a cryptographic key or password after its designated expiration date. Doing so dramatically increases the security risk by giving attackers more time to discover or crack the key.
CWE-325Missing Cryptographic StepThis vulnerability occurs when a software implementation skips a critical step in a cryptographic process, resulting in security that is significantly weaker than the intended algorithm provides.
CWE-328Use of Weak HashThis vulnerability occurs when software uses a hashing algorithm that is cryptographically weak, allowing attackers to feasibly reverse the hash to find the original input, find a different input that creates the same hash, or discover collisions where two inputs produce identical hash values.
CWE-331Insufficient EntropyThis vulnerability occurs when a system's random number generator or algorithm lacks sufficient unpredictability, creating patterns or predictable outputs that are easier for attackers to guess.
CWE-334Small Space of Random ValuesThis vulnerability occurs when a system uses a random number generator that produces too few possible values. Attackers can easily predict or guess these values through brute force attacks.
CWE-335Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)This vulnerability occurs when a Pseudo-Random Number Generator (PRNG) is used, but its initial seed value is not handled securely or predictably, compromising the randomness of its output.
CWE-338Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)This vulnerability occurs when software uses a pseudo-random number generator (PRNG) that is not cryptographically strong for security-sensitive operations, such as generating keys, tokens, or initialization vectors.
CWE-341Predictable from Observable StateThis vulnerability occurs when an attacker can guess or deduce sensitive values, like random numbers or identifiers, by observing predictable system or network characteristics such as timestamps, process IDs, or other public information.
CWE-342Predictable Exact Value from Previous ValuesThis vulnerability occurs when a system uses a predictable sequence for generating values, allowing an attacker to accurately guess future numbers by analyzing past ones.
CWE-343Predictable Value Range from Previous ValuesThis vulnerability occurs when a system's random number generator produces values that, after observing previous outputs, allow an attacker to predict a limited range for the next value.
CWE-344Use of Invariant Value in Dynamically Changing ContextThis vulnerability occurs when code uses a fixed, unchanging value (like a hardcoded string, number, or reference) in a situation where that value should actually be flexible and adapt to different runtime conditions or environments.
CWE-347Improper Verification of Cryptographic SignatureThis vulnerability occurs when an application fails to properly check the digital signature on data, or skips the verification step entirely, allowing tampered or forged information to be accepted as legitimate.
CWE-348Use of Less Trusted SourceThis vulnerability occurs when a system has access to multiple sources for the same critical data, but it chooses to rely on the less secure or less trustworthy one. This creates a security gap because the system ignores better-protected alternatives that offer stronger verification or are harder for attackers to compromise.
CWE-349Acceptance of Extraneous Untrusted Data With Trusted DataThis vulnerability occurs when a system processes both trusted and untrusted data together, but fails to separate them. The application incorrectly treats all incoming data—including the untrusted portion—with the same level of trust as the legitimate data.
CWE-351Insufficient Type DistinctionThis vulnerability occurs when an application fails to properly differentiate between different types of data or objects, leading to unintended and insecure behavior.
CWE-353Missing Support for Integrity CheckThis vulnerability occurs when a system uses a communication protocol that lacks built-in integrity verification, such as a checksum or cryptographic hash, to detect if data has been altered or corrupted during transmission.
CWE-354Improper Validation of Integrity Check ValueThis vulnerability occurs when software fails to properly check the integrity of data by validating its checksum or hash value. Without this verification, the application cannot reliably detect if information has been altered, corrupted, or tampered with during storage or transmission.
CWE-356Product UI does not Warn User of Unsafe ActionsThis vulnerability occurs when a software interface fails to alert users before they perform a risky action. Without clear warnings, users can be more easily misled into taking steps that harm their system or data.
CWE-357Insufficient UI Warning of Dangerous OperationsThis vulnerability occurs when a software application does present a warning to a user before a risky action, but the warning is designed or placed in a way that makes it too easy to miss, ignore, or accidentally dismiss.
CWE-358Improperly Implemented Security Check for StandardThis vulnerability occurs when software fails to correctly implement one or more critical security checks required by a standard protocol, algorithm, or security technique.
CWE-359Exposure of Private Personal Information to an Unauthorized ActorThis vulnerability occurs when an application fails to adequately protect sensitive personal data, allowing access to individuals who either lack proper authorization or haven't provided necessary consent for its use.
CWE-36Absolute Path TraversalThis vulnerability occurs when an application builds file paths using user input without properly blocking absolute paths like '/etc/passwd' or 'C:\Windows\system32'. Attackers can exploit this to escape the intended directory and access sensitive files anywhere on the server.
CWE-360Trust of System Event DataThis vulnerability occurs when software blindly trusts system event data without verifying its source, allowing attackers to spoof events and manipulate application behavior.
CWE-363Race Condition Enabling Link FollowingThis vulnerability occurs when a program checks a file's status before using it, creating a brief window where an attacker can replace that file with a malicious link. This causes the program to follow the link and access an unintended, potentially dangerous location.
CWE-364Signal Handler Race ConditionA signal handler race condition occurs when a program's signal handling routine is vulnerable to timing issues, allowing its state to be corrupted through asynchronous execution.
CWE-366Race Condition within a ThreadThis vulnerability occurs when two or more threads within the same application access and manipulate a shared resource (like a variable, data structure, or file) without proper synchronization. Because the threads can execute in an unpredictable order, they can corrupt the resource's state, leading to crashes, incorrect calculations, or data loss.
CWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionThis vulnerability occurs when a program verifies a resource's state (like a file's permissions or existence) but then uses it after that state has already changed. The gap between checking and using creates a race window where an attacker can manipulate the resource, causing the program to operate on invalid or malicious data.
CWE-368Context Switching Race ConditionThis vulnerability occurs when an application switches between different security contexts (like privilege levels or domains) using a series of steps that can be interrupted. An attacker can exploit the timing gap during this switch to trick the application into performing actions with the wrong permissions or resources.
CWE-369Divide By ZeroA divide-by-zero error occurs when software attempts to perform a division operation where the denominator is zero.
CWE-372Incomplete Internal State DistinctionThis vulnerability occurs when an application fails to accurately track its own operational state. The system incorrectly assumes it's in one mode or condition when it's actually in another, leading to security-critical actions being performed with the wrong assumptions.
CWE-374Passing Mutable Objects to an Untrusted MethodThis vulnerability occurs when a function receives a direct reference to mutable data, such as an object or array, instead of a safe copy of that data.
CWE-375Returning a Mutable Object to an Untrusted CallerThis vulnerability occurs when a method directly returns a reference to its internal mutable data, allowing untrusted calling code to modify that data unexpectedly.
CWE-378Creation of Temporary File With Insecure PermissionsThis vulnerability occurs when a program creates a temporary file but sets its file permissions too loosely, allowing other users or processes on the system to read, modify, or delete the file.
CWE-379Creation of Temporary File in Directory with Insecure PermissionsThis vulnerability occurs when an application creates a temporary file in a directory that is too permissive, allowing unauthorized users or processes to see, access, or manipulate the file.
CWE-385Covert Timing ChannelA covert timing channel is a security flaw where an attacker can deduce secret information by observing how long certain operations take to execute. Instead of directly reading data, they analyze timing variations in system behavior to infer protected details.
CWE-386Symbolic Name not Mapping to Correct ObjectThis vulnerability occurs when a program uses a fixed symbolic name (like a constant or identifier) to refer to an object, but that name can later point to a different, unintended object during execution.
CWE-390Detection of Error Condition Without ActionThis weakness occurs when software successfully identifies an error condition but then fails to take any meaningful action to address it. The error is detected but ignored, leaving the system in an inconsistent or vulnerable state.
CWE-391Unchecked Error ConditionThis vulnerability occurs when a program fails to properly check or handle error conditions, such as exceptions or return codes. By ignoring these failures, the software can enter an unexpected state that attackers might exploit, often without any logging or user notification.
CWE-392Missing Report of Error ConditionThis vulnerability occurs when a system fails to properly signal that an error has happened. Instead of returning a clear error code, status, or exception, the software continues as if nothing went wrong, leaving other components unaware of the failure.
CWE-393Return of Wrong Status CodeThis vulnerability occurs when a function returns an inaccurate status code or value that misrepresents the actual outcome of an operation. This false signal can cause the application to behave in unexpected and potentially insecure ways.
CWE-394Unexpected Status Code or Return ValueThis vulnerability occurs when software fails to properly validate the full range of possible return values from a function or system call. While a returned value might be technically valid for that operation, the application doesn't anticipate or handle it correctly, leading to unexpected behavior.
CWE-395Use of NullPointerException Catch to Detect NULL Pointer DereferenceUsing a try-catch block for NullPointerException as a substitute for proper null checks is an anti-pattern. This approach masks the root cause of null pointer dereferences instead of preventing them, leading to unstable and difficult-to-debug code.
CWE-396Declaration of Catch for Generic ExceptionThis weakness occurs when code catches a generic exception type like 'Exception' or 'Throwable', which can hide specific errors and create insecure error handling logic.
CWE-397Declaration of Throws for Generic ExceptionThis vulnerability occurs when a method is declared to throw an overly broad exception type, such as a generic 'Exception' or 'Throwable'. This practice masks the specific error conditions that can occur, making it difficult for calling code to handle failures appropriately.
CWE-403Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')This vulnerability occurs when a parent process launches a child process without first closing sensitive file descriptors. The child process inherits these open handles, potentially gaining unauthorized access to files, sockets, or other resources it shouldn't be able to interact with.
CWE-408Incorrect Behavior Order: Early AmplificationThis vulnerability occurs when a system allows a user to trigger a resource-intensive operation before verifying their identity or checking their permissions.
CWE-409Improper Handling of Highly Compressed Data (Data Amplification)This vulnerability occurs when software fails to safely process highly compressed data, where a small input file can trigger the creation of an extremely large amount of data during decompression, overwhelming system resources.
CWE-41Improper Resolution of Path EquivalenceThis vulnerability occurs when an application fails to properly handle different text representations that refer to the same file or directory on the system. Attackers can use special characters or alternative naming conventions to bypass security checks and access restricted files.
CWE-412Unrestricted Externally Accessible LockThis vulnerability occurs when a system correctly checks for a lock's existence, but an unauthorized external actor can control or influence that lock.
CWE-413Improper Resource LockingThis vulnerability occurs when an application fails to properly lock a shared resource, such as a file or memory location, before performing operations that require exclusive access.
CWE-414Missing Lock CheckThis vulnerability occurs when software fails to verify that a proper synchronization lock is active before accessing or modifying a shared resource, potentially leading to race conditions and data corruption.
CWE-419Unprotected Primary ChannelThis vulnerability occurs when an application exposes a privileged administrative interface or restricted functionality through a primary channel (like a specific port, endpoint, or protocol) without implementing adequate security controls to protect it.
CWE-420Unprotected Alternate ChannelThis vulnerability occurs when an application secures its main communication path but leaves a backup or alternative channel with weaker or no protection.
CWE-421Race Condition During Access to Alternate ChannelA race condition occurs when an application opens a secondary communication channel intended for an authorized user, but fails to secure it, allowing other actors to potentially access it first.
CWE-425Direct Request ('Forced Browsing')This vulnerability occurs when a web application fails to verify user permissions for every protected page, file, or API endpoint, allowing attackers to access them directly.
CWE-426Untrusted Search PathThis vulnerability occurs when an application relies on an external search path, provided by a user or environment, to find and load critical resources like executables or libraries. Because the application does not fully control this path, an attacker can manipulate it to point to malicious files.
CWE-427Uncontrolled Search Path ElementThis vulnerability occurs when an application searches for critical files like libraries or executables using a predefined list of directories, but one or more of those directories can be manipulated by an unauthorized user.
CWE-428Unquoted Search Path or ElementThis vulnerability occurs when a program uses a file path or command that contains spaces and is not enclosed in quotes. The operating system may misinterpret where the executable file is located, potentially allowing an attacker to run a malicious program with higher privileges.
CWE-430Deployment of Wrong HandlerThis vulnerability occurs when a system incorrectly assigns or routes an object to the wrong processing component.
CWE-431Missing HandlerThis vulnerability occurs when a software component lacks the necessary code to properly handle an error or unexpected event.
CWE-432Dangerous Signal Handler not Disabled During Sensitive OperationsThis vulnerability occurs when a program's signal handler, which shares resources like global variables with other handlers, can be interrupted and re-entered before it finishes its work. The program fails to block other signals during this sensitive operation, leaving shared state vulnerable to corruption.
CWE-434Unrestricted Upload of File with Dangerous TypeThis vulnerability occurs when an application accepts file uploads without properly restricting the file types, allowing attackers to upload and execute malicious files on the server.
CWE-437Incomplete Model of Endpoint FeaturesThis vulnerability occurs when a security product, proxy, or monitoring system sits between endpoints but lacks a full understanding of what those endpoints can do or their current state. Because it's working with incomplete information, it can make wrong decisions, allowing malicious traffic to pass or incorrectly blocking legitimate requests.
CWE-439Behavioral Change in New Version or EnvironmentThis vulnerability occurs when a component's behavior unexpectedly changes after an update or when deployed to a different environment, and the systems or users depending on it are unaware of and cannot manage this change.
CWE-440Expected Behavior ViolationThis weakness occurs when a software component, such as a function, API, or feature, fails to act as documented or intended. The system's actual behavior deviates from its promised specification, leading to unpredictable results.
CWE-444Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')This weakness occurs when a proxy, firewall, or other intermediary HTTP agent interprets a malformed HTTP request or response differently than the final destination server or client. This inconsistency allows an attacker to craft messages that bypass the intermediary's security checks.
CWE-447Unimplemented or Unsupported Feature in UIThis vulnerability occurs when a user interface displays a security feature as active and functional, but the underlying code that powers it is either missing or disabled. Users receive visual confirmation that a protection is in place, creating a false sense of security.
CWE-448Obsolete Feature in UIThis vulnerability occurs when a user interface (UI) includes outdated or deprecated features, but fails to alert users about their obsolete status. This can mislead users into relying on functionality that may be broken, unsupported, or pose a security risk.
CWE-449The UI Performs the Wrong ActionThis vulnerability occurs when a user interface (UI) element or command performs a different, unintended action than what the user requested, potentially leading to security bypass, data corruption, or unexpected system behavior.
CWE-450Multiple Interpretations of UI InputThis vulnerability occurs when a user interface can interpret the same input in multiple ways, but automatically chooses a less secure option without warning the user.
CWE-454External Initialization of Trusted Variables or Data StoresThis vulnerability occurs when an application sets up its critical internal variables or storage systems using data from untrusted, external sources that an attacker could control.
CWE-455Non-exit on Failed InitializationThis vulnerability occurs when software continues to run as normal after encountering a critical security failure during its startup process. Instead of halting or entering a safe mode, the application proceeds with weakened or missing security controls, leaving it exposed.
CWE-459Incomplete CleanupThis vulnerability occurs when an application fails to properly remove temporary files, data structures, or system resources after they are no longer needed.
CWE-460Improper Cleanup on Thrown ExceptionThis vulnerability occurs when a program fails to properly restore its state or release resources after an exception is thrown, leaving the application in an inconsistent or unexpected condition.
CWE-463Deletion of Data Structure SentinelThis vulnerability occurs when a program accidentally removes or corrupts a special marker used to define the boundaries of a data structure, leading to logic errors and unexpected behavior.
CWE-464Addition of Data Structure SentinelThis vulnerability occurs when a program unintentionally adds or modifies a special marker, known as a sentinel, within a data structure, leading to critical logic errors.
CWE-466Return of Pointer Value Outside of Expected RangeThis vulnerability occurs when a function returns a memory pointer that points outside the expected buffer range, potentially exposing unrelated memory or causing crashes.
CWE-468Incorrect Pointer ScalingThis vulnerability occurs when a programmer incorrectly accounts for pointer arithmetic in C or C++, causing the program to access unintended memory locations. The core issue is forgetting that adding an integer to a pointer automatically scales that integer by the size of the data type it points to.
CWE-469Use of Pointer Subtraction to Determine SizeThis vulnerability occurs when a program calculates a size or offset by subtracting two memory pointers, but the pointers point to locations in different memory blocks, leading to an incorrect and potentially dangerous result.
CWE-470Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')This vulnerability occurs when an application uses unvalidated external input, like a URL parameter or form field, to dynamically decide which class to load or which method to execute via reflection. An attacker can manipulate this input to force the application to load unexpected, potentially malicious code.
CWE-471Modification of Assumed-Immutable Data (MAID)This vulnerability occurs when an application fails to protect data it assumes cannot be changed, allowing an attacker to alter it.
CWE-472External Control of Assumed-Immutable Web ParameterThis vulnerability occurs when a web application incorrectly trusts data that appears to be fixed or hidden from the user, such as values in hidden form fields, cookies, or URL parameters. Because this data is actually controllable by the client, attackers can modify it to bypass security checks or corrupt application logic.
CWE-474Use of Function with Inconsistent ImplementationsThis vulnerability occurs when code relies on a function whose behavior changes across different operating systems or versions, leading to unpredictable security risks when the software runs in an unexpected environment.
CWE-475Undefined Behavior for Input to APIThis API function exhibits unpredictable or undefined behavior when its control parameter is not set to the exact, required value.
CWE-476NULL Pointer DereferenceThis vulnerability occurs when a program attempts to access or manipulate memory using a pointer that is set to NULL, causing a crash or unexpected behavior.
CWE-477Use of Obsolete FunctionThis vulnerability occurs when code relies on deprecated or obsolete functions, indicating outdated practices and insufficient maintenance that can introduce security gaps.
CWE-478Missing Default Case in Multiple Condition ExpressionThis vulnerability occurs when code with multiple conditional branches, like a switch statement, lacks a default case to handle unexpected values.
CWE-480Use of Incorrect OperatorThis vulnerability occurs when a developer mistakenly uses the wrong operator in their code, leading to unintended and potentially insecure logic.
CWE-483Incorrect Block DelimitationThis vulnerability occurs when a developer fails to use explicit braces or delimiters to group multiple statements within a block, leading to unexpected program logic.
CWE-484Omitted Break Statement in SwitchThis vulnerability occurs when a developer forgets to include a 'break' statement inside a switch-case block. Without it, the code execution 'falls through' and unintentionally runs the logic for subsequent cases, leading to unexpected behavior.
CWE-487Reliance on Package-level ScopeThis weakness occurs when a Java application mistakenly treats package-level access as a security boundary, assuming it can prevent unauthorized access to code.
CWE-488Exposure of Data Element to Wrong SessionThis vulnerability occurs when an application fails to properly isolate data between different user sessions, allowing information from one user's session to leak into another's.
CWE-489Active Debug CodeThis vulnerability occurs when software is deployed to production with debugging or diagnostic features still enabled and accessible.
CWE-494Download of Code Without Integrity CheckThis vulnerability occurs when an application fetches and runs code from an external source—like a remote server or CDN—without properly verifying where it came from or ensuring it hasn't been tampered with.
CWE-497Exposure of Sensitive System Information to an Unauthorized Control SphereThis vulnerability occurs when an application unintentionally reveals sensitive details about its underlying system, such as file paths, software versions, or environment data, to users who should not have access to that information.
CWE-501Trust Boundary ViolationThis vulnerability occurs when an application incorrectly stores or processes trusted and untrusted data together within the same structure, such as an object, array, or message.
CWE-502Deserialization of Untrusted DataThis vulnerability occurs when an application accepts and processes serialized data from an untrusted source without proper validation, allowing an attacker to manipulate the data to execute malicious code or cause unexpected behavior.
CWE-507Trojan HorseA Trojan Horse vulnerability occurs when software presents itself as legitimate and useful, but secretly contains malicious functionality that bypasses security controls. This hidden code operates without the user's knowledge, violating the intended security policy of the system or its administrator.
CWE-508Non-Replicating Malicious CodeThis type of malicious code is designed to operate only on the specific system it initially infects. Unlike viruses or worms, it does not contain mechanisms to copy itself or spread to other devices or networks.
CWE-509Replicating Malicious Code (Virus or Worm)This weakness describes software that is vulnerable to infection by self-replicating malicious programs like viruses or worms. Once such malware compromises a system, it can use that system as a launchpad to automatically spread and attack others.
CWE-510TrapdoorA trapdoor, often called a backdoor, is a hidden piece of code intentionally placed within software. It activates in response to a specific, often secret, input—like a special password or sequence—bypassing standard authentication and authorization checks to grant unauthorized access.
CWE-511Logic/Time BombA logic or time bomb is malicious code intentionally placed within software to trigger harmful actions when a specific condition is met or a predetermined time is reached.
CWE-512SpywareSpyware is software that secretly gathers personal information about a user or their activities. It does this by accessing data from other sources on the system, without the user's direct input or explicit consent.
CWE-515Covert Storage ChannelA covert storage channel is a type of security flaw where one process secretly encodes data into a shared system resource (like a file, memory bit, or status flag), and another unauthorized process later reads that resource to extract the hidden information.
CWE-521Weak Password RequirementsThis vulnerability occurs when an application fails to enforce strong password policies, making user accounts easier to compromise through guessing or automated attacks.
CWE-523Unprotected Transport of CredentialsThis vulnerability occurs when a login page or authentication system transmits user credentials (like usernames and passwords) over a network without proper encryption, exposing them to interception.
CWE-524Use of Cache Containing Sensitive InformationThis vulnerability occurs when an application stores sensitive data in a cache that is accessible to unauthorized users or external systems.
CWE-532Insertion of Sensitive Information into Log FileThis vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.
CWE-538Insertion of Sensitive Information into Externally-Accessible File or DirectoryThis vulnerability occurs when an application unintentionally stores confidential data—like passwords, API keys, or personal user details—in a location that is publicly accessible or readable by unauthorized users. Even if the file itself is intended to be available, the sensitive information within it should not be.
CWE-540Inclusion of Sensitive Information in Source CodeThis vulnerability occurs when sensitive information like passwords, API keys, or internal logic is exposed within source code that remains accessible on a web server or in a public repository.
CWE-544Missing Standardized Error Handling MechanismThis weakness occurs when software lacks a unified, consistent approach to managing errors across its codebase, leading to unpredictable security gaps and unreliable behavior.
CWE-547Use of Hard-coded, Security-relevant ConstantsThis vulnerability occurs when code directly embeds security-critical values like passwords, cryptographic keys, or access levels as raw numbers or strings, instead of using named constants or configuration files. This practice makes the code brittle and error-prone during updates or security reviews.
CWE-549Missing Password Field MaskingThis vulnerability occurs when an application fails to hide password characters as they are typed, making them visible to anyone who can see the screen. This exposes user credentials to onlookers or screen-capturing malware.
CWE-551Incorrect Behavior Order: Authorization Before Parsing and CanonicalizationThis vulnerability occurs when a web server checks access permissions before fully processing and normalizing a URL, potentially allowing attackers to bypass security controls.
CWE-552Files or Directories Accessible to External PartiesThis vulnerability occurs when an application exposes files or directories to users who shouldn't have access to them.
CWE-561Dead CodeDead code refers to sections of a program that can never run during normal execution, effectively making them inactive and unreachable.
CWE-562Return of Stack Variable AddressThis vulnerability occurs when a function returns a pointer to its own local variable. Since that variable's memory is on the stack, the pointer becomes invalid as soon as the function finishes, leading to crashes or unpredictable behavior.
CWE-563Assignment to Variable without UseThis vulnerability occurs when a value is stored in a variable, but that variable is never read or used in subsequent code, creating a 'dead store.'
CWE-565Reliance on Cookies without Validation and Integrity CheckingThis vulnerability occurs when an application uses cookies to make security decisions—like granting access or changing settings—but fails to verify that the cookie data is legitimate, unaltered, and belongs to the current user.
CWE-567Unsynchronized Access to Shared Data in a Multithreaded ContextThis vulnerability occurs when multiple threads in an application can read and modify shared data, like static variables, without proper coordination. This unsynchronized access corrupts data, causes crashes, and leads to unpredictable, often security-critical, behavior.
CWE-570Expression is Always FalseThis vulnerability occurs when code contains a conditional expression that can never evaluate to true, causing a section of the program to be permanently unreachable.
CWE-571Expression is Always TrueThis vulnerability occurs when code contains a conditional expression that will always evaluate to 'true', making the check ineffective and potentially bypassing critical security or logic gates.
CWE-584Return Inside Finally BlockThis vulnerability occurs when a function places a return statement inside a finally block. This dangerous pattern silently discards any unhandled exceptions thrown earlier in the try block, making errors invisible and undermining application stability.
CWE-586Explicit Call to Finalize()This vulnerability occurs when code directly calls an object's finalize() method from outside its designated finalizer context.
CWE-59Improper Link Resolution Before File Access ('Link Following')This vulnerability occurs when an application uses a filename to access a file but fails to properly check if that name points to a symbolic link, shortcut, or junction. This allows an attacker to manipulate the link's target, causing the application to read or write to an unintended, potentially sensitive location.
CWE-601URL Redirection to Untrusted Site ('Open Redirect')An open redirect vulnerability occurs when a web application uses unvalidated user input to determine the destination of a redirect, allowing an attacker to send users to an untrusted, external website.
CWE-603Use of Client-Side AuthenticationThis vulnerability occurs when an application places its authentication logic solely within the client-side code, such as in a mobile app or web browser, without enforcing the same checks on the server. Attackers can bypass authentication by modifying the client to skip these checks entirely.
CWE-606Unchecked Input for Loop ConditionThis vulnerability occurs when an application fails to properly validate or limit user-supplied values that control loop iterations. Without these checks, malicious input can force the program into an endless or excessively long loop, consuming system resources and leading to denial of service or application instability.
CWE-609Double-Checked LockingDouble-checked locking is an insufficient synchronization pattern where a program checks a resource's state, acquires a lock, and checks the state again before initialization, failing to guarantee thread safety across all systems.
CWE-611Improper Restriction of XML External Entity ReferenceThis vulnerability occurs when an application processes XML input without properly restricting external entity references. Attackers can exploit this to read local files, trigger internal network requests, or cause denial of service.
CWE-612Improper Authorization of Index Containing Sensitive InformationThis vulnerability occurs when a system indexes sensitive documents for search but fails to properly restrict who can query that index. Attackers can then discover and extract confidential information from the indexed content without having direct access to the original files.
CWE-613Insufficient Session ExpirationInsufficient session expiration occurs when an application allows old session tokens or IDs to remain valid for too long, letting attackers reuse them to gain unauthorized access.
CWE-617Reachable AssertionA reachable assertion occurs when an attacker can trigger an assert() statement or similar debugging check, causing the application to crash or behave in a more disruptive way than intended. This turns a helpful development tool into a denial-of-service vulnerability.
CWE-619Dangling Database Cursor ('Cursor Injection')A dangling database cursor occurs when a database cursor is not properly closed, potentially allowing other users to access it while it retains its original, often elevated, privileges.
CWE-620Unverified Password ChangeThis vulnerability occurs when an application allows a user to set a new password without first verifying their identity through the old password or a secure secondary authentication method.
CWE-624Executable Regular Expression ErrorThis vulnerability occurs when an application uses a regular expression that can execute code, either because it directly contains executable logic with unsafe user input, or because an attacker can inject pattern modifiers that enable code execution.
CWE-625Permissive Regular ExpressionThis weakness occurs when a regular expression is too permissive, failing to properly validate or sanitize input by allowing unintended values or patterns.
CWE-628Function Call with Incorrectly Specified ArgumentsThis weakness occurs when a function is called with arguments that are incorrectly specified, causing the function to behave in an unintended and consistently wrong manner.
CWE-639Authorization Bypass Through User-Controlled KeyThis vulnerability occurs when an application's authorization system fails to verify that a user is allowed to access specific data before retrieving it, allowing an attacker to access another user's information by manipulating an identifier they control.
CWE-640Weak Password Recovery Mechanism for Forgotten PasswordThis vulnerability occurs when an application's password reset or recovery feature is poorly designed or implemented, allowing attackers to bypass authentication and hijack user accounts.
CWE-641Improper Restriction of Names for Files and Other ResourcesThis vulnerability occurs when an application creates file or resource names using unvalidated user input, failing to properly limit what characters or paths can be used.
CWE-643Improper Neutralization of Data within XPath Expressions ('XPath Injection')XPath Injection occurs when an application uses unvalidated user input to build an XPath query for an XML database. Without proper sanitization, attackers can manipulate the query's structure.
CWE-645Overly Restrictive Account Lockout MechanismThis vulnerability occurs when an application's account lockout feature is too strict, allowing attackers to easily trigger it and lock legitimate users out of their accounts, causing a denial of service.
CWE-648Incorrect Use of Privileged APIsThis vulnerability occurs when software incorrectly uses functions that require special permissions. Attackers can exploit these mistakes to gain unauthorized access, elevate their privileges, or steal sensitive data.
CWE-649Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity CheckingThis vulnerability occurs when an application uses obfuscation or encryption to hide security-sensitive data (like tokens or parameters) but fails to verify whether that data has been altered. Without integrity checks, the system cannot detect if an attacker has tampered with these inputs.
CWE-652Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')XQuery Injection occurs when an application uses unvalidated user input to build an XQuery expression for querying an XML database. Without proper neutralization, an attacker can manipulate the query's structure.
CWE-654Reliance on a Single Factor in a Security DecisionThis vulnerability occurs when a system's security check depends almost entirely on just one condition, object, or piece of data to decide whether to grant access to sensitive resources or actions. It's like having a single, easily compromised lock on a vault, instead of a layered defense.
CWE-66Improper Handling of File Names that Identify Virtual ResourcesThis vulnerability occurs when software incorrectly processes a filename that points to a 'virtual' resource—like a device, pipe, or internal system object—instead of a regular file. The application mistakenly performs file operations (like read, write, or copy) on this non-file resource, which can lead to crashes, data exposure, or unexpected system behavior.
CWE-663Use of a Non-reentrant Function in a Concurrent ContextThis vulnerability occurs when a program uses a function that is not safe for reentrancy within a concurrent environment, such as multi-threaded code or signal handlers. If another thread or signal handler interrupts and calls the same function, it can corrupt shared data, cause crashes, or create unpredictable behavior.
CWE-676Use of Potentially Dangerous FunctionThis vulnerability occurs when code calls a function that can be dangerous if misused, but can also be used safely with proper precautions. The risk lies not in the function itself, but in how it's implemented.
CWE-681Incorrect Conversion between Numeric TypesThis vulnerability occurs when a program converts a value from one numeric type to another (like a 64-bit integer to a 32-bit integer) and the conversion loses or misinterprets data. If these corrupted values are later used in security-critical operations—like calculating buffer sizes, checking permissions, or performing financial transactions—they can lead to crashes, incorrect behavior, or security bypasses.
CWE-694Use of Multiple Resources with Duplicate IdentifierThis vulnerability occurs when a system uses multiple resources that can share the same identifier, even though the application logic requires each identifier to be unique.
CWE-695Use of Low-Level FunctionalityThis vulnerability occurs when code bypasses high-level framework controls by directly using low-level system functions, violating the intended security model.
CWE-698Execution After Redirect (EAR)Execution After Redirect (EAR) occurs when a web application sends a redirect response to a user's browser but continues to run server-side code, potentially performing unintended actions.
CWE-708Incorrect Ownership AssignmentThis vulnerability occurs when a system grants ownership of a resource to an entity that should not have that level of control, placing it outside the intended security boundary.
CWE-73External Control of File Name or PathThis vulnerability occurs when an application uses unvalidated user input to construct file or directory paths for filesystem operations.
CWE-733Compiler Optimization Removal or Modification of Security-critical CodeThis vulnerability occurs when a compiler's optimization process unintentionally strips out or alters security-critical code that a developer intentionally wrote, leaving the application exposed.
CWE-749Exposed Dangerous Method or FunctionThis vulnerability occurs when a software component exposes an API or interface containing a high-risk function that lacks proper access controls, allowing unauthorized actors to trigger it.
CWE-756Missing Custom Error PageThis vulnerability occurs when an application fails to display its own user-friendly error pages, instead falling back to default system messages that can leak sensitive technical details.
CWE-757Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')This vulnerability occurs when a protocol or system allows negotiating a security algorithm (like encryption) but chooses a weaker option than the strongest one both parties support, creating an unnecessary security gap.
CWE-76Improper Neutralization of Equivalent Special ElementsThis vulnerability occurs when an application successfully blocks or sanitizes a known set of dangerous inputs but fails to recognize and handle alternative forms that have the same meaning or effect.
CWE-763Release of Invalid Pointer or ReferenceThis vulnerability occurs when a program tries to free a memory resource back to the system but uses an incorrect deallocation method or calls the correct method improperly.
CWE-764Multiple Locks of a Critical ResourceThis vulnerability occurs when a critical resource, such as a file, data structure, or connection, is locked more times than the software logic intended, putting the system into an unstable or unresponsive state.
CWE-765Multiple Unlocks of a Critical ResourceThis vulnerability occurs when a critical resource, like a lock or semaphore, is unlocked more times than it was locked, putting the system into an unexpected and potentially unstable state.
CWE-766Critical Data Element Declared PublicThis vulnerability occurs when a critical piece of data—like a variable, field, or class member—is mistakenly declared as public when it should be kept private according to the application's security design.
CWE-767Access to Critical Private Variable via Public MethodThis vulnerability occurs when a class exposes a public method that directly accesses or alters a private variable.
CWE-770Allocation of Resources Without Limits or ThrottlingThis vulnerability occurs when a system allows users or processes to request resources without any built-in caps or rate limits. Think of it as a buffet with no rules on how much one person can take, eventually leaving nothing for others and causing the system to fail.
CWE-771Missing Reference to Active Allocated ResourceThis vulnerability occurs when software loses track of a resource it has allocated, like memory or a file handle, preventing the system from properly releasing it back for future use.
CWE-772Missing Release of Resource after Effective LifetimeThis vulnerability occurs when a program fails to properly release a system resource—like memory, file handles, or network sockets—after it is no longer needed. This leads to a gradual accumulation of unused resources, known as a resource leak.
CWE-776Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')This vulnerability occurs when an XML parser allows Document Type Definitions (DTDs) to contain recursively defined entities without proper limits, enabling malicious data structures.
CWE-778Insufficient LoggingThis weakness occurs when an application fails to properly record important security events or captures them with insufficient detail, making it hard to spot and investigate suspicious activity.
CWE-779Logging of Excessive DataThis vulnerability occurs when an application records more information than necessary in its logs, making log files difficult to analyze and potentially slowing down incident response or security investigations.
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')OS Command Injection occurs when an application builds a system command using untrusted, external input without properly sanitizing it. This allows an attacker to inject and execute arbitrary commands on the underlying operating system.
CWE-783Operator Precedence Logic ErrorThis vulnerability occurs when a developer writes a conditional expression where the intended logic is broken due to misunderstanding or misapplying the rules of operator precedence.
CWE-786Access of Memory Location Before Start of BufferThis vulnerability occurs when software attempts to read from or write to a memory location positioned before the official start of a buffer.
CWE-787Out-of-bounds WriteThis vulnerability occurs when software incorrectly writes data outside the boundaries of its allocated memory buffer, either beyond the end or before the beginning.
CWE-788Access of Memory Location After End of BufferThis vulnerability occurs when software attempts to read from or write to a memory buffer using an index or pointer that points past the buffer's allocated boundary.
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')This vulnerability occurs when a web application fails to properly sanitize or encode user-supplied input before displaying it on a webpage viewed by other users.
CWE-791Incomplete Filtering of Special ElementsThis vulnerability occurs when an application accepts data from a source but fails to properly clean or neutralize all special characters or commands before passing that data to another system component.
CWE-795Only Filtering Special Elements at a Specified LocationThis vulnerability occurs when a security filter only checks for dangerous input patterns at specific, predefined locations within the data. It fails to scan the entire input stream, allowing malicious elements that appear outside the expected location to pass through and potentially harm downstream components.
CWE-798Use of Hard-coded CredentialsThis vulnerability occurs when software contains built-in, unchangeable authentication secrets like passwords or encryption keys within its source code or configuration files.
CWE-804Guessable CAPTCHAThis vulnerability occurs when a CAPTCHA challenge is too easy for automated bots to solve, either by guessing or using pattern recognition, allowing them to bypass the human verification step.
CWE-805Buffer Access with Incorrect Length ValueThis vulnerability occurs when software reads from or writes to a buffer using a loop or sequential operation, but mistakenly calculates or provides an incorrect length value. This incorrect length causes the operation to access memory outside the buffer's allocated boundaries.
CWE-807Reliance on Untrusted Inputs in a Security DecisionThis vulnerability occurs when an application's security check depends on user-controlled data that can be manipulated to bypass protection mechanisms, such as authentication or authorization gates.
CWE-820Missing SynchronizationThis vulnerability occurs when multiple parts of your application (like threads or processes) use the same resource—such as a variable, file, or data structure—without proper coordination to control who accesses it and when.
CWE-821Incorrect SynchronizationThis vulnerability occurs when multiple parts of a program, such as threads or processes, access a shared resource like a variable, file, or data structure without proper coordination, leading to a race condition.
CWE-822Untrusted Pointer DereferenceThis vulnerability occurs when software takes a value from an untrusted source, treats it as a memory address (a pointer), and then accesses that memory location directly for reading or writing.
CWE-823Use of Out-of-range Pointer OffsetThis vulnerability occurs when a program calculates a new memory address using a valid pointer and an offset, but the resulting address points outside the intended, safe memory region, such as beyond the bounds of an array or structure.
CWE-824Access of Uninitialized PointerThis vulnerability occurs when a program tries to use a pointer variable before it has been assigned a valid memory address.
CWE-825Expired Pointer DereferenceThis vulnerability occurs when a program tries to use a pointer that still points to a memory location that has already been freed or released.
CWE-826Premature Release of Resource During Expected LifetimeThis happens when software incorrectly frees or closes a resource—like memory, a file handle, or a network connection—while that resource is still supposed to be in active use by the program or another component.
CWE-829Inclusion of Functionality from Untrusted Control SphereThis weakness occurs when an application integrates executable code, like a library or plugin, from a source it does not fully control or trust.
CWE-832Unlock of a Resource that is not LockedThis vulnerability occurs when a program tries to unlock a resource, such as a mutex or semaphore, that is not currently in a locked state.
CWE-833DeadlockDeadlock occurs when two or more threads or processes become permanently stuck, each waiting for the other to release a shared resource like a lock or mutex, preventing any of them from progressing.
CWE-835Loop with Unreachable Exit Condition ('Infinite Loop')An infinite loop occurs when a program's iteration logic contains an exit condition that can never be satisfied, causing the loop to run indefinitely and consume system resources.
CWE-836Use of Password Hash Instead of Password for AuthenticationThis vulnerability occurs when an application's authentication system accepts a password hash directly from the client for verification, instead of receiving and hashing the plaintext password on the server.
CWE-837Improper Enforcement of a Single, Unique ActionThis vulnerability occurs when a system fails to properly prevent users from repeating an action that should only be performed once, such as submitting a vote, finalizing a purchase, or requesting a refund.
CWE-838Inappropriate Encoding for Output ContextThis vulnerability occurs when a system uses one type of encoding for its output, but the component receiving that data expects a different encoding. The mismatch causes the downstream component to interpret the data incorrectly.
CWE-839Numeric Range Comparison Without Minimum CheckThis vulnerability occurs when software validates that a number is within an acceptable range by only checking that it's less than or equal to a maximum value, but fails to also verify that it is greater than or equal to a required minimum. This oversight can allow negative or otherwise invalid low values to pass the check, leading to unexpected behavior.
CWE-841Improper Enforcement of Behavioral WorkflowThis weakness occurs when an application requires a user to follow a specific sequence of actions, but fails to enforce that order. Attackers can exploit this by skipping steps, performing actions out of sequence, or interrupting the flow, which can corrupt the business logic or put the system into an invalid state.
CWE-842Placement of User into Incorrect GroupThis vulnerability occurs when a system or administrator assigns a user to the wrong security group or role.
CWE-843Access of Resource Using Incompatible Type ('Type Confusion')Type confusion occurs when a program creates a resource—like a pointer, object, or variable—with one data type, but later incorrectly accesses it as a different, incompatible type.
CWE-88Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')This vulnerability occurs when an application builds a command string for execution by another component, but fails to properly separate or 'neutralize' the intended arguments. This allows an attacker to inject additional command-line arguments, options, or switches by including argument-separating characters (like spaces or dashes) in untrusted input.
CWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')SQL Injection occurs when an application builds a database query using untrusted user input without properly sanitizing it. This allows an attacker to insert malicious SQL code that the database executes, potentially letting them view, modify, or delete sensitive data.
CWE-90Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')This vulnerability occurs when an application builds an LDAP query using untrusted user input without properly sanitizing it. An attacker can inject special characters or commands to alter the query's logic, potentially gaining unauthorized access to, modifying, or extracting sensitive directory information.
CWE-908Use of Uninitialized ResourceThis vulnerability occurs when software attempts to use a resource—like memory, a file handle, or an object—before it has been properly set up or assigned a valid starting state.
CWE-91XML Injection (aka Blind XPath Injection)XML Injection occurs when an application fails to properly validate or escape user-controlled input before including it in XML documents or queries. This allows attackers to inject malicious XML elements or syntax, potentially altering the document's structure, extracting sensitive data, or disrupting processing logic.
CWE-910Use of Expired File DescriptorThis vulnerability occurs when a program attempts to use a file descriptor after it has been closed, treating it as if it were still valid.
CWE-911Improper Update of Reference CountThis vulnerability occurs when a program uses a reference counter to track resource usage but fails to update the count correctly, either by missing an update or applying an incorrect value.
CWE-914Improper Control of Dynamically-Identified VariablesThis vulnerability occurs when an application fails to properly secure access to variables whose names are determined at runtime, allowing attackers to read or modify data they shouldn't have access to.
CWE-915Improperly Controlled Modification of Dynamically-Determined Object AttributesThis vulnerability occurs when an application accepts user input that specifies which object attributes or fields to create or update, but fails to restrict which specific attributes can be changed. Attackers can exploit this to modify sensitive internal properties they shouldn't have access to.
CWE-916Use of Password Hash With Insufficient Computational EffortThis vulnerability occurs when a system protects passwords by hashing them, but uses a hashing algorithm that is too fast or computationally cheap. This makes it easy for attackers to crack the stored password hashes using brute-force methods.
CWE-917Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')Expression Language Injection occurs when an application uses untrusted, external input to build an expression language statement—common in frameworks like Java Server Pages (JSP)—without properly sanitizing it. This allows an attacker to inject malicious expressions that alter the intended logic and execute arbitrary code when the statement is processed.
CWE-918Server-Side Request Forgery (SSRF)Server-Side Request Forgery (SSRF) occurs when a web application fetches a remote resource based on user-controlled input, but fails to properly validate or restrict where those requests are sent. This allows an attacker to trick the server into making unauthorized connections to internal systems or external domains.
CWE-920Improper Restriction of Power ConsumptionThis vulnerability occurs when software running on a power-constrained device, like a battery-powered mobile or embedded system, fails to actively manage and limit its own energy usage.
CWE-921Storage of Sensitive Data in a Mechanism without Access ControlThis vulnerability occurs when an application saves sensitive information to a storage location that lacks proper access restrictions, allowing unauthorized users or applications to view or modify the data.
CWE-924Improper Enforcement of Message Integrity During Transmission in a Communication ChannelThis vulnerability occurs when an application receives data over a network but fails to properly verify that the information wasn't altered in transit.
CWE-93Improper Neutralization of CRLF Sequences ('CRLF Injection')This vulnerability occurs when an application uses carriage return and line feed characters (CRLF) to structure data, like separating lines or records, but fails to properly sanitize these sequences from user-supplied input before processing.
CWE-939Improper Authorization in Handler for Custom URL SchemeThis vulnerability occurs when an app implements a custom URL scheme handler but fails to properly verify which other apps or sources are allowed to trigger it.
CWE-94Improper Control of Generation of Code ('Code Injection')This vulnerability occurs when an application builds executable code using unvalidated external input, such as user data. Because the application fails to properly filter or escape this input, an attacker can inject special characters or commands that alter the intended code's logic or syntax.
CWE-940Improper Verification of Source of a Communication ChannelThis vulnerability occurs when an application accepts incoming communication requests without properly checking where they originate from, allowing potentially malicious sources to establish a connection.
CWE-941Incorrectly Specified Destination in a Communication ChannelThis vulnerability occurs when an application establishes an outgoing communication channel but fails to correctly define or enforce the intended recipient. This misdirection can allow data to be sent to an untrusted or malicious destination.
CWE-96Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')Static Code Injection occurs when an application incorporates unvalidated or improperly sanitized user input directly into a static, executable resource like a configuration file, template, or library. Because this input is saved and later executed, it allows an attacker to inject malicious code that becomes a permanent part of the application's logic.
Mapping Notes
Usage: Prohibited
Reasons: View
Rationale:
This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.
Comment:
Use this View or other Views to search and navigate for the appropriate weakness.