Categories (CWE)

CWE-417 Channel and Path Errors 28
CWE-693 Protection Mechanism Failure 27
CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') 24
CWE-754 Improper Check for Unusual or Exceptional Conditions 24
CWE-613 Insufficient Session Expiration 24
CWE-91 XML Injection (aka Blind XPath Injection) 21
CWE-824 Access of Uninitialized Pointer 20
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 20
CWE-358 Improperly Implemented Security Check for Standard 19
CWE-330 Use of Insufficiently Random Values 18
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') 16
CWE-185 Incorrect Regular Expression 16
CWE-682 Incorrect Calculation 13
CWE-361 Time and State 13
CWE-88 Argument Injection or Modification 13
CWE-118 Incorrect Access of Indexable Resource ('Range Error') 13
CWE-331 Insufficient Entropy 11
CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') 10
CWE-404 Improper Resource Shutdown or Release 10
CWE-332 Insufficient Entropy in PRNG 9
