| CWE |
Entity Type | Python Warning Classes |
| CWE:94 Improper Control of Generation of Code ('Code Injection') |
Weakness | |
| CWE:118 Incorrect Access of Indexable Resource ('Range Error') |
Weakness | |
| CWE:125 Out-of-bounds Read |
Weakness | |
| CWE:229 Improper Handling of Values |
Weakness | |
| CWE:396 Declaration of Catch for Generic Exception |
Weakness | |
| CWE:413 Improper Resource Locking |
Weakness | |
| CWE:453 Insecure Default Variable Initialization |
Weakness | |
| CWE:462 Duplicate Key in Associative List (Alist) |
Weakness | |
| CWE:477 Use of Obsolete Function |
Weakness | |
| CWE:480 Use of Incorrect Operator |
Weakness | |
| CWE:489 Active Debug Code |
Weakness | |
| CWE:546 Suspicious Comment |
Weakness | |
| CWE:561 Dead Code |
Weakness | |
| CWE:563 Assignment to Variable without Use |
Weakness | |
| CWE:570 Expression is Always False |
Weakness | |
| CWE:571 Expression is Always True |
Weakness | |
| CWE:573 Improper Following of Specification by Caller |
Weakness | |
| CWE:584 Return Inside Finally Block |
Weakness | |
| CWE:589 Call to Non-ubiquitous API |
Weakness | |
| CWE:597 Use of Wrong Operator in String Comparison |
Weakness | |
| CWE:628 Function Call with Incorrectly Specified Arguments |
Weakness | |
| CWE:664 Improper Control of a Resource Through its Lifetime |
Weakness | |
| CWE:676 Use of Potentially Dangerous Function |
Weakness | |
| CWE:683 Function Call With Incorrect Order of Arguments |
Weakness | |
| CWE:685 Function Call With Incorrect Number of Arguments |
Weakness | |
| CWE:686 Function Call With Incorrect Argument Type |
Weakness | |
| CWE:687 Function Call With Incorrectly Specified Argument Value |
Weakness | |
| CWE:694 Use of Multiple Resources with Duplicate Identifier |
Weakness | |
| CWE:697 Incorrect Comparison |
Weakness | |
| CWE:732 Incorrect Permission Assignment for Critical Resource |
Weakness | |
| CWE:754 Improper Check for Unusual or Exceptional Conditions |
Weakness | |
| CWE:755 Improper Handling of Exceptional Conditions |
Weakness | |
| CWE:758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior |
Weakness | |
| CWE:770 Allocation of Resources Without Limits or Throttling |
Weakness | |
| CWE:787 Out-of-bounds Write |
Weakness | |
| CWE:833 Deadlock |
Weakness | |
| CWE:908 Use of Uninitialized Resource |
Weakness | |
| CWE:1023 Incomplete Comparison with Missing Factors |
Weakness | |
| CWE:1025 Comparison Using Wrong Factors |
Weakness | |
| CWE:1041 Use of Redundant Code |
Weakness | |
| CWE:1047 Modules with Circular Dependencies |
Weakness | |
| CWE:1055 Multiple Inheritance from Concrete Classes |
Weakness | |
| CWE:1059 Insufficient Technical Documentation |
Weakness | |
| CWE:1064 Invokable Control Element with Signature Containing an Excessive Number of Parameters |
Weakness | |
| CWE:1076 Insufficient Adherence to Expected Conventions |
Weakness | |
| CWE:1077 Floating Point Comparison with Incorrect Operator |
Weakness | |
| CWE:1078 Inappropriate Source Code Style or Formatting |
Weakness | |
| CWE:1080 Source Code File with Excessive Number of Lines of Code |
Weakness | |
| CWE:1088 Synchronous Access of Remote Resource without Timeout |
Weakness | |
| CWE:1095 Loop Condition Value Update within the Loop |
Weakness | |
| CWE:1099 Inconsistent Naming Conventions for Identifiers |
Weakness | |
| CWE:1108 Excessive Reliance on Global Variables |
Weakness | |
| CWE:1114 Inappropriate Whitespace Style |
Weakness | |
| CWE:1120 Excessive Code Complexity |
Weakness | |
| CWE:1124 Excessively Deep Nesting |
Weakness | |
| CWE:1164 Irrelevant Code |
Weakness | |
| CWE |
Entity Type | Python Warning Classes |
| CWE:19 Data Processing Errors |
Category | |
| CWE:20 Improper Input Validation |
Weakness | |
| CWE:74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
Weakness | |
| CWE:94 Improper Control of Generation of Code ('Code Injection') |
Weakness | |
| CWE:99 Improper Control of Resource Identifiers ('Resource Injection') |
Weakness | |
| CWE:118 Incorrect Access of Indexable Resource ('Range Error') |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:119 Improper Restriction of Operations within the Bounds of a Memory Buffer |
Weakness | |
| CWE:125 Out-of-bounds Read |
Weakness | |
| CWE:133 String Errors |
Category |
| also related |
|
| hierarchy ancestor |
|
|
| CWE:137 Data Neutralization Issues |
Category | |
| CWE:221 Information Loss or Omission |
Weakness | |
| CWE:227 7PK - API Abuse |
Category | |
| CWE:228 Improper Handling of Syntactically Invalid Structure |
Weakness | |
| CWE:229 Improper Handling of Values |
Weakness | |
| CWE:252 Unchecked Return Value |
Weakness | |
| CWE:254 7PK - Security Features |
Category | |
| CWE:284 Improper Access Control |
Weakness | |
| CWE:285 Improper Authorization |
Weakness | |
| CWE:388 7PK - Errors |
Category | |
| CWE:389 Error Conditions, Return Values, Status Codes |
Category | |
| CWE:394 Unexpected Status Code or Return Value |
Weakness | |
| CWE:396 Declaration of Catch for Generic Exception |
Weakness | |
| CWE:398 7PK - Code Quality |
Category | |
| CWE:399 Resource Management Errors |
Category | |
| CWE:400 Uncontrolled Resource Consumption |
Weakness | |
| CWE:404 Improper Resource Shutdown or Release |
Weakness | |
| CWE:411 Resource Locking Problems |
Category | |
| CWE:413 Improper Resource Locking |
Weakness | |
| CWE:438 Behavioral Problems |
Category | |
| CWE:452 Initialization and Cleanup Errors |
Category | |
| CWE:453 Insecure Default Variable Initialization |
Weakness | |
| CWE:457 Use of Uninitialized Variable |
Weakness | |
| CWE:462 Duplicate Key in Associative List (Alist) |
Weakness | |
| CWE:471 Modification of Assumed-Immutable Data (MAID) |
Weakness | |
| CWE:474 Use of Function with Inconsistent Implementations |
Weakness | |
| CWE:477 Use of Obsolete Function |
Weakness | |
| CWE:480 Use of Incorrect Operator |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:485 7PK - Encapsulation |
Category | |
| CWE:489 Active Debug Code |
Weakness | |
| CWE:506 Embedded Malicious Code |
Weakness | |
| CWE:546 Suspicious Comment |
Weakness | |
| CWE:557 Concurrency Issues |
Category | |
| CWE:561 Dead Code |
Weakness | |
| CWE:563 Assignment to Variable without Use |
Weakness | |
| CWE:569 Expression Issues |
Category | |
| CWE:570 Expression is Always False |
Weakness | |
| CWE:571 Expression is Always True |
Weakness | |
| CWE:573 Improper Following of Specification by Caller |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:584 Return Inside Finally Block |
Weakness | |
| CWE:589 Call to Non-ubiquitous API |
Weakness | |
| CWE:595 Comparison of Object References Instead of Object Contents |
Weakness | |
| CWE:597 Use of Wrong Operator in String Comparison |
Weakness | |
| CWE:628 Function Call with Incorrectly Specified Arguments |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:629 Weaknesses in OWASP Top Ten (2007) |
View | |
| CWE:635 Weaknesses Originally Used by NVD from 2008 to 2016 |
View | |
| CWE:657 Violation of Secure Design Principles |
Weakness | |
| CWE:658 Weaknesses in Software Written in C |
View | |
| CWE:659 Weaknesses in Software Written in C++ |
View | |
| CWE:660 Weaknesses in Software Written in Java |
View | |
| CWE:661 Weaknesses in Software Written in PHP |
View | |
| CWE:662 Improper Synchronization |
Weakness | |
| CWE:664 Improper Control of a Resource Through its Lifetime |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:665 Improper Initialization |
Weakness | |
| CWE:667 Improper Locking |
Weakness | |
| CWE:668 Exposure of Resource to Wrong Sphere |
Weakness | |
| CWE:670 Always-Incorrect Control Flow Implementation |
Weakness | |
| CWE:676 Use of Potentially Dangerous Function |
Weakness | |
| CWE:677 Weakness Base Elements |
View | |
| CWE:683 Function Call With Incorrect Order of Arguments |
Weakness |
| closely mapped |
|
| also related |
|
|
| CWE:684 Incorrect Provision of Specified Functionality |
Weakness | |
| CWE:685 Function Call With Incorrect Number of Arguments |
Weakness |
| closely mapped |
|
| also related |
|
|
| CWE:686 Function Call With Incorrect Argument Type |
Weakness |
| closely mapped |
|
| also related |
|
|
| CWE:687 Function Call With Incorrectly Specified Argument Value |
Weakness | |
| CWE:688 Function Call With Incorrect Variable or Reference as Argument |
Weakness | |
| CWE:691 Insufficient Control Flow Management |
Weakness | |
| CWE:694 Use of Multiple Resources with Duplicate Identifier |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:697 Incorrect Comparison |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:699 Software Development |
View | |
| CWE:700 Seven Pernicious Kingdoms |
View | |
| CWE:701 Weaknesses Introduced During Design |
View | |
| CWE:702 Weaknesses Introduced During Implementation |
View | |
| CWE:703 Improper Check or Handling of Exceptional Conditions |
Weakness | |
| CWE:704 Incorrect Type Conversion or Cast |
Weakness | |
| CWE:705 Incorrect Control Flow Scoping |
Weakness | |
| CWE:707 Improper Neutralization |
Weakness | |
| CWE:710 Improper Adherence to Coding Standards |
Weakness | |
| CWE:711 Weaknesses in OWASP Top Ten (2004) |
View | |
| CWE:721 OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access |
Category | |
| CWE:722 OWASP Top Ten 2004 Category A1 - Unvalidated Input |
Category | |
| CWE:723 OWASP Top Ten 2004 Category A2 - Broken Access Control |
Category | |
| CWE:726 OWASP Top Ten 2004 Category A5 - Buffer Overflows |
Category | |
| CWE:727 OWASP Top Ten 2004 Category A6 - Injection Flaws |
Category | |
| CWE:728 OWASP Top Ten 2004 Category A7 - Improper Error Handling |
Category | |
| CWE:730 OWASP Top Ten 2004 Category A9 - Denial of Service |
Category | |
| CWE:731 OWASP Top Ten 2004 Category A10 - Insecure Configuration Management |
Category | |
| CWE:732 Incorrect Permission Assignment for Critical Resource |
Weakness | |
| CWE:734 Weaknesses Addressed by the CERT C Secure Coding Standard (2008) |
View | |
| CWE:735 CERT C Secure Coding Standard (2008) Chapter 2 - Preprocessor (PRE) |
Category | |
| CWE:736 CERT C Secure Coding Standard (2008) Chapter 3 - Declarations and Initialization (DCL) |
Category | |
| CWE:737 CERT C Secure Coding Standard (2008) Chapter 4 - Expressions (EXP) |
Category | |
| CWE:738 CERT C Secure Coding Standard (2008) Chapter 5 - Integers (INT) |
Category | |
| CWE:739 CERT C Secure Coding Standard (2008) Chapter 6 - Floating Point (FLP) |
Category | |
| CWE:740 CERT C Secure Coding Standard (2008) Chapter 7 - Arrays (ARR) |
Category | |
| CWE:741 CERT C Secure Coding Standard (2008) Chapter 8 - Characters and Strings (STR) |
Category | |
| CWE:742 CERT C Secure Coding Standard (2008) Chapter 9 - Memory Management (MEM) |
Category | |
| CWE:743 CERT C Secure Coding Standard (2008) Chapter 10 - Input Output (FIO) |
Category | |
| CWE:744 CERT C Secure Coding Standard (2008) Chapter 11 - Environment (ENV) |
Category | |
| CWE:745 CERT C Secure Coding Standard (2008) Chapter 12 - Signals (SIG) |
Category | |
| CWE:746 CERT C Secure Coding Standard (2008) Chapter 13 - Error Handling (ERR) |
Category | |
| CWE:747 CERT C Secure Coding Standard (2008) Chapter 14 - Miscellaneous (MSC) |
Category | |
| CWE:748 CERT C Secure Coding Standard (2008) Appendix - POSIX (POS) |
Category | |
| CWE:750 Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors |
View | |
| CWE:751 2009 Top 25 - Insecure Interaction Between Components |
Category | |
| CWE:752 2009 Top 25 - Risky Resource Management |
Category | |
| CWE:753 2009 Top 25 - Porous Defenses |
Category | |
| CWE:754 Improper Check for Unusual or Exceptional Conditions |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:755 Improper Handling of Exceptional Conditions |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:770 Allocation of Resources Without Limits or Throttling |
Weakness | |
| CWE:787 Out-of-bounds Write |
Weakness | |
| CWE:800 Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors |
View | |
| CWE:802 2010 Top 25 - Risky Resource Management |
Category | |
| CWE:803 2010 Top 25 - Porous Defenses |
Category | |
| CWE:809 Weaknesses in OWASP Top Ten (2010) |
View | |
| CWE:813 OWASP Top Ten 2010 Category A4 - Insecure Direct Object References |
Category | |
| CWE:815 OWASP Top Ten 2010 Category A6 - Security Misconfiguration |
Category | |
| CWE:817 OWASP Top Ten 2010 Category A8 - Failure to Restrict URL Access |
Category | |
| CWE:821 Incorrect Synchronization |
Weakness | |
| CWE:833 Deadlock |
Weakness | |
| CWE:840 Business Logic Errors |
Category | |
| CWE:844 Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011) |
View | |
| CWE:846 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 3 - Declarations and Initialization (DCL) |
Category | |
| CWE:847 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP) |
Category | |
| CWE:850 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET) |
Category | |
| CWE:851 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR) |
Category | |
| CWE:852 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA) |
Category | |
| CWE:853 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK) |
Category | |
| CWE:854 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 11 - Thread APIs (THI) |
Category | |
| CWE:857 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO) |
Category | |
| CWE:858 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER) |
Category | |
| CWE:859 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC) |
Category | |
| CWE:860 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 17 - Runtime Environment (ENV) |
Category | |
| CWE:861 The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC) |
Category | |
| CWE:865 2011 Top 25 - Risky Resource Management |
Category | |
| CWE:866 2011 Top 25 - Porous Defenses |
Category | |
| CWE:867 2011 Top 25 - Weaknesses On the Cusp |
Category | |
| CWE:868 Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version) |
View | |
| CWE:871 CERT C++ Secure Coding Section 03 - Expressions (EXP) |
Category | |
| CWE:872 CERT C++ Secure Coding Section 04 - Integers (INT) |
Category | |
| CWE:873 CERT C++ Secure Coding Section 05 - Floating Point Arithmetic (FLP) |
Category | |
| CWE:874 CERT C++ Secure Coding Section 06 - Arrays and the STL (ARR) |
Category | |
| CWE:875 CERT C++ Secure Coding Section 07 - Characters and Strings (STR) |
Category | |
| CWE:876 CERT C++ Secure Coding Section 08 - Memory Management (MEM) |
Category | |
| CWE:877 CERT C++ Secure Coding Section 09 - Input Output (FIO) |
Category | |
| CWE:878 CERT C++ Secure Coding Section 10 - Environment (ENV) |
Category | |
| CWE:879 CERT C++ Secure Coding Section 11 - Signals (SIG) |
Category | |
| CWE:880 CERT C++ Secure Coding Section 12 - Exceptions and Error Handling (ERR) |
Category | |
| CWE:882 CERT C++ Secure Coding Section 14 - Concurrency (CON) |
Category | |
| CWE:883 CERT C++ Secure Coding Section 49 - Miscellaneous (MSC) |
Category | |
| CWE:884 CWE Cross-section |
View | |
| CWE:885 SFP Primary Cluster: Risky Values |
Category | |
| CWE:886 SFP Primary Cluster: Unused entities |
Category | |
| CWE:887 SFP Primary Cluster: API |
Category | |
| CWE:888 Software Fault Pattern (SFP) Clusters |
View | |
| CWE:889 SFP Primary Cluster: Exception Management |
Category | |
| CWE:890 SFP Primary Cluster: Memory Access |
Category | |
| CWE:892 SFP Primary Cluster: Resource Management |
Category | |
| CWE:894 SFP Primary Cluster: Synchronization |
Category | |
| CWE:895 SFP Primary Cluster: Information Leak |
Category | |
| CWE:896 SFP Primary Cluster: Tainted Input |
Category | |
| CWE:897 SFP Primary Cluster: Entry Points |
Category | |
| CWE:899 SFP Primary Cluster: Access Control |
Category | |
| CWE:900 Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors |
View | |
| CWE:904 SFP Primary Cluster: Malware |
Category | |
| CWE:906 SFP Primary Cluster: UI |
Category | |
| CWE:907 SFP Primary Cluster: Other |
Category | |
| CWE:908 Use of Uninitialized Resource |
Weakness |
| closely mapped |
|
| also related |
|
| hierarchy ancestor |
|
|
| CWE:912 Hidden Functionality |
Weakness | |
| CWE:913 Improper Control of Dynamically-Managed Code Resources |
Weakness | |
| CWE:928 Weaknesses in OWASP Top Ten (2013) |
View | |
| CWE:929 OWASP Top Ten 2013 Category A1 - Injection |
Category | |
| CWE:932 OWASP Top Ten 2013 Category A4 - Insecure Direct Object References |
Category | |
| CWE:935 OWASP Top Ten 2013 Category A7 - Missing Function Level Access Control |
Category | |
| CWE:944 SFP Secondary Cluster: Access Management |
Category | |
| CWE:945 SFP Secondary Cluster: Insecure Resource Access |
Category | |
| CWE:946 SFP Secondary Cluster: Insecure Resource Permissions |
Category | |
| CWE:960 SFP Secondary Cluster: Ambiguous Exception Type |
Category | |
| CWE:961 SFP Secondary Cluster: Incorrect Exception Behavior |
Category | |
| CWE:962 SFP Secondary Cluster: Unchecked Status Condition |
Category | |
| CWE:963 SFP Secondary Cluster: Exposed Data |
Category | |
| CWE:966 SFP Secondary Cluster: Other Exposures |
Category | |
| CWE:970 SFP Secondary Cluster: Faulty Buffer Access |
Category | |
| CWE:975 SFP Secondary Cluster: Architecture |
Category | |
| CWE:977 SFP Secondary Cluster: Design |
Category | |
| CWE:978 SFP Secondary Cluster: Implementation |
Category | |
| CWE:982 SFP Secondary Cluster: Failure to Release Resource |
Category | |
| CWE:984 SFP Secondary Cluster: Life Cycle |
Category | |
| CWE:985 SFP Secondary Cluster: Unrestricted Consumption |
Category | |
| CWE:986 SFP Secondary Cluster: Missing Lock |
Category | |
| CWE:990 SFP Secondary Cluster: Tainted Input to Command |
Category | |
| CWE:991 SFP Secondary Cluster: Tainted Input to Environment |
Category | |
| CWE:993 SFP Secondary Cluster: Incorrect Input Handling |
Category | |
| CWE:994 SFP Secondary Cluster: Tainted Input to Variable |
Category | |
| CWE:997 SFP Secondary Cluster: Information Loss |
Category | |
| CWE:998 SFP Secondary Cluster: Glitch in Computation |
Category | |
| CWE:1000 Research Concepts |
View | |
| CWE:1001 SFP Secondary Cluster: Use of an Improper API |
Category | |
| CWE:1002 SFP Secondary Cluster: Unexpected Entry Points |
Category | |
| CWE:1003 Weaknesses for Simplified Mapping of Published Vulnerabilities |
View | |
| CWE:1005 7PK - Input Validation and Representation |
Category | |
| CWE:1006 Bad Coding Practices |
Category | |
| CWE:1008 Architectural Concepts |
View | |
| CWE:1011 Authorize Actors |
Category | |
| CWE:1012 Cross Cutting |
Category | |
| CWE:1019 Validate Inputs |
Category | |
| CWE:1020 Verify Message Integrity |
Category | |
| CWE:1023 Incomplete Comparison with Missing Factors |
Weakness | |
| CWE:1025 Comparison Using Wrong Factors |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:1026 Weaknesses in OWASP Top Ten (2017) |
View | |
| CWE:1031 OWASP Top Ten 2017 Category A5 - Broken Access Control |
Category | |
| CWE:1032 OWASP Top Ten 2017 Category A6 - Security Misconfiguration |
Category | |
| CWE:1040 Quality Weaknesses with Indirect Security Impacts |
View | |
| CWE:1041 Use of Redundant Code |
Weakness | |
| CWE:1047 Modules with Circular Dependencies |
Weakness | |
| CWE:1055 Multiple Inheritance from Concrete Classes |
Weakness | |
| CWE:1059 Insufficient Technical Documentation |
Weakness | |
| CWE:1064 Invokable Control Element with Signature Containing an Excessive Number of Parameters |
Weakness | |
| CWE:1076 Insufficient Adherence to Expected Conventions |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:1077 Floating Point Comparison with Incorrect Operator |
Weakness | |
| CWE:1078 Inappropriate Source Code Style or Formatting |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:1080 Source Code File with Excessive Number of Lines of Code |
Weakness | |
| CWE:1081 Entries with Maintenance Notes |
View | |
| CWE:1088 Synchronous Access of Remote Resource without Timeout |
Weakness | |
| CWE:1093 Excessively Complex Data Representation |
Weakness | |
| CWE:1095 Loop Condition Value Update within the Loop |
Weakness | |
| CWE:1099 Inconsistent Naming Conventions for Identifiers |
Weakness | |
| CWE:1108 Excessive Reliance on Global Variables |
Weakness | |
| CWE:1114 Inappropriate Whitespace Style |
Weakness | |
| CWE:1120 Excessive Code Complexity |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:1124 Excessively Deep Nesting |
Weakness | |
| CWE:1128 CISQ Quality Measures (2016) |
View | |
| CWE:1129 CISQ Quality Measures (2016) - Reliability |
Category | |
| CWE:1130 CISQ Quality Measures (2016) - Maintainability |
Category | |
| CWE:1131 CISQ Quality Measures (2016) - Security |
Category | |
| CWE:1133 Weaknesses Addressed by the SEI CERT Oracle Coding Standard for Java |
View | |
| CWE:1135 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 01. Declarations and Initialization (DCL) |
Category | |
| CWE:1136 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 02. Expressions (EXP) |
Category | |
| CWE:1140 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 06. Methods (MET) |
Category | |
| CWE:1141 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 07. Exceptional Behavior (ERR) |
Category | |
| CWE:1142 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 08. Visibility and Atomicity (VNA) |
Category | |
| CWE:1143 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 09. Locking (LCK) |
Category | |
| CWE:1147 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 13. Input Output (FIO) |
Category | |
| CWE:1148 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 14. Serialization (SER) |
Category | |
| CWE:1149 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 15. Platform Security (SEC) |
Category | |
| CWE:1150 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 16. Runtime Environment (ENV) |
Category | |
| CWE:1152 SEI CERT Oracle Secure Coding Standard for Java - Guidelines 49. Miscellaneous (MSC) |
Category | |
| CWE:1154 Weaknesses Addressed by the SEI CERT C Coding Standard |
View | |
| CWE:1157 SEI CERT C Coding Standard - Guidelines 03. Expressions (EXP) |
Category | |
| CWE:1158 SEI CERT C Coding Standard - Guidelines 04. Integers (INT) |
Category | |
| CWE:1160 SEI CERT C Coding Standard - Guidelines 06. Arrays (ARR) |
Category | |
| CWE:1161 SEI CERT C Coding Standard - Guidelines 07. Characters and Strings (STR) |
Category | |
| CWE:1162 SEI CERT C Coding Standard - Guidelines 08. Memory Management (MEM) |
Category | |
| CWE:1163 SEI CERT C Coding Standard - Guidelines 09. Input Output (FIO) |
Category | |
| CWE:1164 Irrelevant Code |
Weakness |
| closely mapped |
|
| hierarchy ancestor |
|
|
| CWE:1165 SEI CERT C Coding Standard - Guidelines 10. Environment (ENV) |
Category | |
| CWE:1166 SEI CERT C Coding Standard - Guidelines 11. Signals (SIG) |
Category | |
| CWE:1167 SEI CERT C Coding Standard - Guidelines 12. Error Handling (ERR) |
Category | |
| CWE:1169 SEI CERT C Coding Standard - Guidelines 14. Concurrency (CON) |
Category | |
| CWE:1170 SEI CERT C Coding Standard - Guidelines 48. Miscellaneous (MSC) |
Category | |
| CWE:1171 SEI CERT C Coding Standard - Guidelines 50. POSIX (POS) |
Category | |
| CWE:1177 Use of Prohibited Code |
Weakness | |
| CWE:1178 Weaknesses Addressed by the SEI CERT Perl Coding Standard |
View | |
| CWE:1180 SEI CERT Perl Coding Standard - Guidelines 02. Declarations and Initialization (DCL) |
Category | |
| CWE:1181 SEI CERT Perl Coding Standard - Guidelines 03. Expressions (EXP) |
Category | |
| CWE:1186 SEI CERT Perl Coding Standard - Guidelines 50. Miscellaneous (MSC) |
Category | |
| CWE:1188 Initialization of a Resource with an Insecure Default |
Weakness | |
| CWE:1194 Hardware Design |
View | |
| CWE:1195 Manufacturing and Life Cycle Management Concerns |
Category | |
| CWE:1200 Weaknesses in the 2019 CWE Top 25 Most Dangerous Software Errors |
View | |
| CWE:1208 Cross-Cutting Problems |
Category | |
| CWE:1218 Memory Buffer Errors |
Category | |
| CWE:1226 Complexity Issues |
Category | |
| CWE:1228 API / Function Errors |
Category | |
| CWE:1305 CISQ Quality Measures (2020) |
View | |
| CWE:1306 CISQ Quality Measures - Reliability |
Category | |
| CWE:1307 CISQ Quality Measures - Maintainability |
Category | |
| CWE:1308 CISQ Quality Measures - Security |
Category | |
| CWE:1309 CISQ Quality Measures - Efficiency |
Category | |
| CWE:1337 Weaknesses in the 2021 CWE Top 25 Most Dangerous Software Weaknesses |
View | |
| CWE:1340 CISQ Data Protection Measures |
View | |
| CWE:1344 Weaknesses in OWASP Top Ten (2021) |
View | |
| CWE:1345 OWASP Top Ten 2021 Category A01:2021 - Broken Access Control |
Category | |
| CWE:1347 OWASP Top Ten 2021 Category A03:2021 - Injection |
Category | |
| CWE:1348 OWASP Top Ten 2021 Category A04:2021 - Insecure Design |
Category | |
| CWE:1349 OWASP Top Ten 2021 Category A05:2021 - Security Misconfiguration |
Category | |
| CWE:1350 Weaknesses in the 2020 CWE Top 25 Most Dangerous Software Weaknesses |
View | |
| CWE:1358 Weaknesses in SEI ETF Categories of Security Vulnerabilities in ICS |
View | |
| CWE:1359 ICS Communications |
Category | |
| CWE:1360 ICS Dependencies (& Architecture) |
Category | |
| CWE:1361 ICS Supply Chain |
Category | |
| CWE:1362 ICS Engineering (Constructions/Deployment) |
Category | |
| CWE:1363 ICS Operations (& Maintenance) |
Category | |
| CWE:1364 ICS Communications: Zone Boundary Failures |
Category | |
| CWE:1366 ICS Communications: Frail Security in Protocols |
Category | |
| CWE:1368 ICS Dependencies (& Architecture): External Digital Systems |
Category | |
| CWE:1369 ICS Supply Chain: IT/OT Convergence/Expansion |
Category | |
| CWE:1370 ICS Supply Chain: Common Mode Frailties |
Category | |
| CWE:1371 ICS Supply Chain: Poorly Documented or Undocumented Features |
Category | |
| CWE:1372 ICS Supply Chain: OT Counterfeit and Malicious Corruption |
Category | |
| CWE:1375 ICS Engineering (Construction/Deployment): Gaps in Details/Data |
Category | |
| CWE:1382 ICS Operations (& Maintenance): Emerging Energy Technologies |
Category | |
| CWE:1383 ICS Operations (& Maintenance): Compliance/Conformance with Regulatory Requirements |
Category | |
| CWE:1387 Weaknesses in the 2022 CWE Top 25 Most Dangerous Software Weaknesses |
View | |
| CWE:1395 Dependency on Vulnerable Third-Party Component |
Weakness | |
| CWE:1396 Comprehensive Categorization: Access Control |
Category | |
| CWE:1397 Comprehensive Categorization: Comparison |
Category | |
| CWE:1399 Comprehensive Categorization: Memory Safety |
Category | |
| CWE:1400 Comprehensive Categorization for Software Assurance Trends |
View | |
| CWE:1401 Comprehensive Categorization: Concurrency |
Category | |
| CWE:1403 Comprehensive Categorization: Exposed Resource |
Category | |
| CWE:1405 Comprehensive Categorization: Improper Check or Handling of Exceptional Conditions |
Category | |
| CWE:1406 Comprehensive Categorization: Improper Input Validation |
Category | |
| CWE:1407 Comprehensive Categorization: Improper Neutralization |
Category | |
| CWE:1409 Comprehensive Categorization: Injection |
Category | |
| CWE:1410 Comprehensive Categorization: Insufficient Control Flow Management |
Category | |
| CWE:1412 Comprehensive Categorization: Poor Coding Practices |
Category | |
| CWE:1416 Comprehensive Categorization: Resource Lifecycle Management |
Category | |
| CWE:1418 Comprehensive Categorization: Violation of Secure Design Principles |
Category | |
| CWE:1419 Incorrect Initialization of Resource |
Weakness | |
| CWE:1424 Weaknesses Addressed by ISA/IEC 62443 Requirements |
View | |
| CWE:1425 Weaknesses in the 2023 CWE Top 25 Most Dangerous Software Weaknesses |
View | |
| CWE:1430 Weaknesses in the 2024 CWE Top 25 Most Dangerous Software Weaknesses |
View | |
| CWE:2000 Comprehensive CWE Dictionary |
View | |