Categories (CWE)

CWE-693 Protection Mechanism Failure 22
CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') 21
CWE-613 Insufficient Session Expiration 18
CWE-358 Improperly Implemented Security Check for Standard 18
CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') 18
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') 14
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 14
CWE-91 XML Injection (aka Blind XPath Injection) 14
CWE-824 Access of Uninitialized Pointer 13
CWE-361 Time and State 13
CWE-754 Improper Check for Unusual or Exceptional Conditions 13
CWE-118 Incorrect Access of Indexable Resource ('Range Error') 12
CWE-331 Insufficient Entropy 11
CWE-330 Use of Insufficiently Random Values 11
CWE-682 Incorrect Calculation 10
CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') 10
CWE-88 Argument Injection or Modification 10
CWE-172 Encoding Error 8
CWE-185 Incorrect Regular Expression 7
CWE-18 Source Code 6

Filter by ID

Filter by name