|
CWE Number
|
Name
|
Number Of Related Vulnerabilities
|
|
79 |
Failure to Preserve Web Page Structure ('Cross-site Scripting') |
4117
|
|
119 |
Failure to Constrain Operations within the Bounds of a Memory Buffer |
4062
|
|
89 |
Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') |
3530
|
|
20 |
Improper Input Validation |
2242
|
|
94 |
Failure to Control Generation of Code ('Code Injection') |
1695
|
|
22 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
1433
|
|
200 |
Information Exposure |
1297
|
|
287 |
Improper Authentication |
726
|
|
59 |
Improper Link Resolution Before File Access ('Link Following') |
322
|
|
362 |
Race Condition |
245
|
|
134 |
Uncontrolled Format String |
137
|
|
78 |
Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') |
75
|
|
102 |
Struts: Duplicate Validation Forms |
|
|
103 |
Struts: Incomplete validate() Method Definition |
|
|
104 |
Struts: Form Bean Does Not Extend Validation Class |
|
|
105 |
Struts: Form Field Without Validator |
|
|
106 |
Struts: Plug-in Framework not in Use |
|
|
107 |
Struts: Unused Validation Form |
|
|
108 |
Struts: Unvalidated Action Form |
|
|
109 |
Struts: Validator Turned Off |
|
|
11 |
ASP.NET Misconfiguration: Creating Debug Binary |
|
|
110 |
Struts: Validator Without Form Field |
|
|
111 |
Direct Use of Unsafe JNI |
|
|
112 |
Missing XML Validation |
|
|
113 |
Failure to Sanitize CRLF Sequences in HTTP Headers ('HTTP Response Splitting') |
|
|
114 |
Process Control |
|
|
115 |
Misinterpretation of Input |
|
|
116 |
Improper Encoding or Escaping of Output |
|
|
117 |
Improper Output Sanitization for Logs |
|
|
118 |
Improper Access of Indexable Resource ('Range Error') |
|
|
12 |
ASP.NET Misconfiguration: Missing Custom Error Page |
|
|
120 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
|
|
121 |
Stack-based Buffer Overflow |
|
|
122 |
Heap-based Buffer Overflow |
|
|
123 |
Write-what-where Condition |
|
|
124 |
Buffer Underwrite ('Buffer Underflow') |
|
|
125 |
Out-of-bounds Read |
|
|
126 |
Buffer Over-read |
|
|
127 |
Buffer Under-read |
|
|
128 |
Wrap-around Error |
|
|
129 |
Improper Validation of Array Index |
|
|
13 |
ASP.NET Misconfiguration: Password in Configuration File |
|
|
130 |
Improper Handling of Length Parameter Inconsistency |
|
|
131 |
Incorrect Calculation of Buffer Size |
|
|
132 |
DEPRECATED (Duplicate): Miscalculated Null Termination |
|
|
135 |
Incorrect Calculation of Multi-Byte String Length |
|
|
138 |
Improper Neutralization of Special Elements |
|
|
14 |
Compiler Removal of Code to Clear Buffers |
|
|
140 |
Failure to Sanitize Delimiters |
|
|
141 |
Improper Neutralization of Parameter/Argument Delimiters |
|
