Categories (CWE)

CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') 24
CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection') 24
CWE-693 Protection Mechanism Failure 23
CWE-613 Insufficient Session Expiration 21
CWE-358 Improperly Implemented Security Check for Standard 19
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 17
CWE-91 XML Injection (aka Blind XPath Injection) 17
CWE-824 Access of Uninitialized Pointer 16
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') 15
CWE-330 Use of Insufficiently Random Values 14
CWE-754 Improper Check for Unusual or Exceptional Conditions 14
CWE-361 Time and State 13
CWE-118 Incorrect Access of Indexable Resource ('Range Error') 13
CWE-88 Argument Injection or Modification 12
CWE-682 Incorrect Calculation 11
CWE-331 Insufficient Entropy 11
CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') 10
CWE-185 Incorrect Regular Expression 9
CWE-123 Write-what-where Condition 9
CWE-172 Encoding Error 8
