Categories (CWE)

CWE-417 Channel and Path Errors 30
CWE-693 Protection Mechanism Failure 30
CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') 25
CWE-754 Improper Check for Unusual or Exceptional Conditions 25
CWE-613 Insufficient Session Expiration 25
CWE-358 Improperly Implemented Security Check for Standard 23
CWE-91 XML Injection (aka Blind XPath Injection) 22
CWE-824 Access of Uninitialized Pointer 22
CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 20
CWE-330 Use of Insufficiently Random Values 19
CWE-88 Argument Injection or Modification 18
CWE-185 Incorrect Regular Expression 17
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') 17
CWE-118 Incorrect Access of Indexable Resource ('Range Error') 13
CWE-361 Time and State 13
CWE-682 Incorrect Calculation 13
CWE-665 Improper Initialization 12
CWE-331 Insufficient Entropy 12
CWE-404 Improper Resource Shutdown or Release 11
CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') 11

Filter by ID

Filter by name