Categories (CWE)

CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') 27
CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') 24
CWE-693 Protection Mechanism Failure 23
CWE-613 Insufficient Session Expiration 21
CWE-358 Improperly Implemented Security Check for Standard 19
CWE-91 XML Injection (aka Blind XPath Injection) 18
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 17
CWE-824 Access of Uninitialized Pointer 17
CWE-754 Improper Check for Unusual or Exceptional Conditions 15
CWE-330 Use of Insufficiently Random Values 15
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') 15
CWE-118 Incorrect Access of Indexable Resource ('Range Error') 13
CWE-682 Incorrect Calculation 13
CWE-361 Time and State 13
CWE-88 Argument Injection or Modification 13
CWE-331 Insufficient Entropy 11
CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') 10
CWE-185 Incorrect Regular Expression 10
CWE-123 Write-what-where Condition 9
CWE-172 Encoding Error 8

Filter by ID

Filter by name