Categories (CWE)

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer 9754
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 8051
CWE-264 Permissions, Privileges, and Access Controls 6105
CWE-20 Improper Input Validation 4998
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 4610
CWE-200 Information Exposure 4344
CWE-399 Resource Management Errors 3166
CWE-310 Cryptographic Issues 2359
CWE-94 Improper Control of Generation of Code ('Code Injection') 2163
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 2157
CWE-284 Improper Access Control 1903
CWE-352 Cross-Site Request Forgery (CSRF) 1479
CWE-189 Numeric Errors 1408
CWE-287 Improper Authentication 1184
CWE-255 Credentials Management 749
CWE-254 Security Features 495
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 495
CWE-59 Improper Link Resolution Before File Access ('Link Following') 453
CWE-125 Out-of-bounds Read 446
CWE-476 NULL Pointer Dereference 371

Filter by ID

Filter by name