Categories (CWE)

CWE-417 Channel and Path Errors 19
CWE-290 Authentication Bypass by Spoofing 17
CWE-185 Incorrect Regular Expression 17
CWE-331 Insufficient Entropy 15
CWE-209 Information Exposure Through an Error Message 14
CWE-118 Incorrect Access of Indexable Resource ('Range Error') 13
CWE-116 Improper Encoding or Escaping of Output 12
CWE-829 Inclusion of Functionality from Untrusted Control Sphere 11
CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') 11
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition 11
CWE-332 Insufficient Entropy in PRNG 10
CWE-922 Insecure Storage of Sensitive Information 10
CWE-916 Use of Password Hash With Insufficient Computational Effort 9
CWE-172 Encoding Error 9
CWE-123 Write-what-where Condition 9
CWE-610 Externally Controlled Reference to a Resource in Another Sphere 8
CWE-749 Exposed Dangerous Method or Function 8
CWE-494 Download of Code Without Integrity Check 8
CWE-297 Improper Validation of Certificate with Host Mismatch 8
CWE-354 Improper Validation of Integrity Check Value 8
