This section lists the built-in CodeSonar warning classes and their
closely-corresponding CWE IDs: that is, the
CWE IDs that appear in the Categories list for
each class. Note that not all CodeSonar classes have a
closely-corresponding CWE ID, and not all CWE IDs have a
closely-corresponding CodeSonar warning class.
This version of CodeSonar (9.0p0) uses CWE 4.16,
published November 19, 2024.
| Class Name |
CWE IDs |
|---|
| ## Follows # Operator |
CWE:710 |
| /* in Comment |
- |
| // in Comment |
- |
| Addition Overflow of Allocation Size |
CWE:128, CWE:131, CWE:190, CWE:680 |
| Addition Overflow of Size |
CWE:128, CWE:190, CWE:680 |
| Anonymous Namespace in Header File |
- |
| Arctangent Domain Error |
CWE:628, CWE:687, CWE:688 |
| Argument Too High |
CWE:628, CWE:687, CWE:688 |
| Argument Too Low |
CWE:628, CWE:687, CWE:688 |
| Array Parameter |
- |
| Array Parameter Mismatch |
CWE:686, CWE:687, CWE:688 |
| Array to Pointer Conversion on Temporary Object |
- |
| Array to Pointer Decay |
- |
| Assembly Pragma |
- |
| Assignment Result in Expression |
CWE:481 |
| Assignment in Conditional |
CWE:481 |
| Backwards goto |
- |
| Basic Numerical Type Used |
CWE:710 |
| Bit-field Signedness Not Explicit |
- |
| Bit-field Too Short |
- |
| Bit-field in Union |
- |
| Blocking in Critical Section |
CWE:662 |
| Body Is Not Compound Statement |
- |
| Boolean switch Expression |
- |
| Buffer Overrun |
CWE:120, CWE:788 |
| Buffer Underrun |
CWE:786 |
| C++ Comment in C |
- |
| C-style Cast |
- |
| Cast Alters Value |
CWE:20, CWE:192, CWE:704 |
| Cast Removes const Qualifier |
CWE:704 |
| Cast Removes volatile Qualifier |
CWE:704 |
| Cast: Arithmetic Type/Void Pointer |
CWE:704 |
| Cast: Non-integer Arithmetic Type/Object Pointer |
CWE:704 |
| Cast: Object Pointers |
CWE:704 |
| Cast: Virtual Base to Derived |
CWE:704 |
| Code Before #include |
CWE:710 |
| Coercion Alters Value |
CWE:20, CWE:192, CWE:704 |
| Coercion: Integer Constant to Pointer |
CWE:587 |
| Command Injection |
CWE:78, CWE:88, CWE:114 |
| Comment Suggests Code Unfinished |
CWE:546 |
| Commented-out Code |
CWE:615, CWE:1085 |
| Comparison of Unrelated Pointers |
- |
| Condition Contains Side Effects |
CWE:710 |
| Condition Is Not Boolean |
- |
| Conditional Compilation |
CWE:710 |
| Conflicting Lock Order |
CWE:413, CWE:696 |
| Confusing Literal Suffix |
CWE:710 |
| Confusing Operator Overload |
CWE:783 |
| Continue Statement |
- |
| Conversion from Function Pointer |
CWE:704 |
| Conversion to Function Pointer |
CWE:704 |
| Conversion: Pointer to Incomplete |
CWE:704 |
| Conversion: Pointer/Integer |
CWE:704 |
| Conversion: Void Pointer to Object Pointer |
CWE:704 |
| Copy Operation Parameter Is Not const |
- |
| Copy-Paste Error |
CWE:1041 |
| Dangerous Function Cast |
CWE:704 |
| Dangerous Include File Name |
- |
| Data Race |
CWE:362, CWE:364, CWE:366, CWE:413, CWE:567 |
| Deadlock |
CWE:833 |
| Declaration of Flexible Array Member |
- |
| Declaration of Reserved Name |
CWE:1076 |
| Declaration of Variable Length Array |
- |
| Direct Access to Field of C Atomic Object |
- |
| Division By Zero |
CWE:369, CWE:573 |
| Double Close |
CWE:672, CWE:1341 |
| Double Free |
CWE:415, CWE:763 |
| Double Initialization |
CWE:675 |
| Double Lock |
CWE:764 |
| Double Unlock |
CWE:765, CWE:832 |
| Dynamic Allocation After Initialization |
CWE:710 |
| Dynamic Thread Creation |
CWE:710 |
| Ellipsis |
CWE:1056 |
| Empty Branch Statement |
- |
| Empty for Statement |
- |
| Empty if Statement |
CWE:390 |
| Empty switch Statement |
- |
| Empty while Statement |
- |
| Encryption without Padding |
CWE:325, CWE:331, CWE:780 |
| Essential Type Diagnostic |
- |
| Excessive Macro Parameter Evaluation in C Generic |
- |
| Excessive Stack Depth |
CWE:400, CWE:410 |
| Explicit Zero Alignment |
CWE:1164 |
| Expression Value Widened by Assignment |
CWE:704 |
| Expression Value Widened by Other Operand |
CWE:704 |
| Extern Array Without Size |
- |
| FILE* Dereference |
- |
| File Open for Both Read and Write |
- |
| File System Race Condition |
CWE:367 |
| Float Division By Zero |
CWE:369 |
| Float Multiplication Overflow |
CWE:682 |
| Float Pointer Conversion |
CWE:704, CWE:710 |
| Float-typed Loop Counter |
- |
| Floating Point Domain Error |
CWE:628, CWE:687, CWE:688 |
| Floating Point Equality |
CWE:1077 |
| Floating Point Range Error |
CWE:628, CWE:687, CWE:688 |
| Format String |
CWE:134 |
| Format String Injection |
CWE:134 |
| Format String Type Error |
CWE:628, CWE:687, CWE:688 |
| Free Null Pointer |
CWE:590 |
| Function Call Has No Effect |
CWE:687, CWE:688, CWE:1164 |
| Function Defined in Header File |
- |
| Function Pointer |
CWE:710 |
| Function Pointer Conversion |
CWE:710 |
| Function Too Long |
CWE:710, CWE:1080 |
| Function-Like Macro |
- |
| GNU Extension |
- |
| GNU Typeof |
- |
| Gamma on Zero |
CWE:628, CWE:687, CWE:688 |
| Global Variable Declared with Different Types |
CWE:710 |
| GlobalHandle on GMEM_FIXED Memory |
CWE:686, CWE:843 |
| GlobalLock on GMEM_FIXED Memory |
CWE:686, CWE:843 |
| GlobalUnlock on GMEM_FIXED Memory |
CWE:686, CWE:843 |
| Goto Statement |
CWE:710 |
| Hardcoded Authentication |
CWE:259, CWE:318, CWE:540, CWE:547, CWE:798 |
| Hardcoded Crypto Key |
CWE:318, CWE:321, CWE:540, CWE:547, CWE:798 |
| Hardcoded Crypto Salt |
CWE:318, CWE:760, CWE:798 |
| Hardcoded DNS Name |
CWE:506 |
| Hardcoded Seed in PRNG |
CWE:336 |
| High Cyclomatic Complexity (Procedure) |
CWE:1121 |
| High Risk Loop |
CWE:119 |
| Ignored Return Value |
CWE:252, CWE:391, CWE:394 |
| Implicit Address of Function |
- |
| Implicit Constructor Shadowing |
CWE:1076 |
| Implicit Function Declaration |
CWE:686 |
| Implicit Inheritance from Stateful Virtual Base |
- |
| Implicit Lambda Capture |
- |
| Implicit Pointer Type Conversion in Selection of C Generic |
- |
| Implicit Type |
- |
| Inappropriate Argument to <tgmath.h> Macro |
- |
| Inappropriate Argument to Integer Constant Macro |
- |
| Inappropriate Argument to memcmp |
- |
| Inappropriate Assignment Operator Return |
- |
| Inappropriate Assignment Type |
- |
| Inappropriate Association Type in C Generic |
- |
| Inappropriate Bit-field Type |
- |
| Inappropriate C Atomic Initialization |
CWE:665, CWE:908 |
| Inappropriate Call Outside Loop |
- |
| Inappropriate Cast Type |
CWE:704 |
| Inappropriate Cast Type: Expression |
CWE:704 |
| Inappropriate Character Arithmetic |
- |
| Inappropriate Comparison of Virtual Member Function |
CWE:758 |
| Inappropriate Declaration in Global Namespace |
- |
| Inappropriate Include File Specification |
- |
| Inappropriate Operand Type |
- |
| Inappropriate Selection Type in C Generic |
- |
| Inappropriate Storage Duration |
CWE:662 |
| Inappropriate Test of Error Code |
- |
| Inappropriate Volatile Declaration |
- |
| Incomplete Function Prototype |
- |
| Inconsistent Alignment Specifications |
- |
| Inconsistent Chained Designator Initialization |
CWE:665 |
| Inconsistent Enumerator Initialization |
CWE:665, CWE:710 |
| Inconsistent Function Declarations |
- |
| Inconsistent Macro Parameter Expansion in C Generic |
- |
| Inconsistent Object Declarations |
- |
| Inconsistent Types of Arguments to <tgmath.h> Macro |
- |
| Indeterminate Order of Evaluation |
CWE:758 |
| Initialization Cycle |
CWE:1419 |
| Inline Assembly Code |
- |
| Inline Function Not static |
- |
| Input After Output Without Positioning |
- |
| Integer Overflow of Allocation Size |
CWE:128, CWE:131, CWE:190, CWE:680 |
| Invalid Preprocessor Directive |
- |
| LDAP Injection |
CWE:90 |
| Label Not In Enclosing Block |
- |
| Lambda Has No Parameter List |
- |
| Lambda Has No Return Type |
- |
| Leak |
CWE:401, CWE:459, CWE:771, CWE:772, CWE:773, CWE:775, CWE:1091 |
| Leftover Debug Code |
CWE:489, CWE:1295 |
| Library Function Override |
CWE:657, CWE:710, CWE:1076 |
| Library Injection |
CWE:114 |
| Line Splicing in Comment |
- |
| Local Variable Passed to Thread |
- |
| LocalHandle on LMEM_FIXED Memory |
CWE:686, CWE:843 |
| LocalLock on LMEM_FIXED Memory |
CWE:686, CWE:843 |
| LocalUnlock on LMEM_FIXED Memory |
CWE:686, CWE:843 |
| Lock/Unlock Mismatch |
CWE:662, CWE:710 |
| Locked Twice |
CWE:764 |
| Logarithm on Negative Value |
CWE:628, CWE:687, CWE:688 |
| Logarithm on Zero |
CWE:628, CWE:687, CWE:688 |
| MAX_PATH Exceeded |
CWE:687 |
| Macro Argument is both Mixed and Expanded |
CWE:710 |
| Macro Defined in Function Body |
CWE:710 |
| Macro Defines Constant |
CWE:1076 |
| Macro Definition of Reserved Name |
- |
| Macro Does Not End With } or ) |
CWE:710 |
| Macro Does Not Start With { or ( |
CWE:710 |
| Macro Name is C Keyword |
CWE:710 |
| Macro Parameter Not Parenthesized |
- |
| Macro Undefined in Function Body |
CWE:710 |
| Macro Undefinition of Reserved Name |
- |
| Macro Uses # Operator |
CWE:710 |
| Macro Uses ## Operator |
CWE:710 |
| Macro Uses -> Operator |
CWE:710 |
| Macro Uses Unary * Operator |
CWE:710 |
| Macro Uses [] Operator |
CWE:710 |
| Malformed #include |
- |
| Malformed for-loop Condition |
- |
| Malformed for-loop Initialization |
- |
| Malformed for-loop Step |
- |
| Malformed switch Statement |
- |
| Member Function Could Be const |
- |
| Member Function Could Be static |
- |
| Memory Protection Removal |
- |
| Method Default Value Mismatch |
- |
| Microsoft Extension |
- |
| Misaligned Object |
CWE:664, CWE:761, CWE:763, CWE:823 |
| Mismatched Argument Types |
- |
| Mismatched Operand Types |
- |
| Misplaced Default Association in C Generic |
- |
| Misplaced Return Statement |
- |
| Misplaced Using Declaration |
- |
| Misplaced case |
- |
| Misplaced default |
- |
| Missing Braces in Initialization |
CWE:665 |
| Missing External Declaration |
- |
| Missing External Definition |
- |
| Missing Final else |
- |
| Missing Literal Suffix |
- |
| Missing Lock Acquisition |
CWE:413, CWE:832 |
| Missing Lock Release |
CWE:667 |
| Missing Non-default Association in C Generic |
- |
| Missing Parentheses |
CWE:710 |
| Missing Return Statement |
CWE:758, CWE:1076, CWE:1120 |
| Missing Return Value |
CWE:758 |
| Missing Test of Error Code |
- |
| Missing User-defined Operations |
CWE:1076 |
| Missing break |
CWE:484 |
| Missing default |
CWE:478 |
| Missing for-loop Step |
- |
| Missing for-loop Termination |
- |
| Missing noreturn Specifier |
- |
| Mixed Assembly and Code |
- |
| Modification of Standard Namespaces |
- |
| Modified Parameter |
- |
| Multiple Abnormal Loop Exits |
CWE:1120 |
| Multiple Accesses of Atomic |
- |
| Multiple Declarations On Line |
CWE:1078 |
| Multiple Declarations of a Global |
CWE:710 |
| Multiple External Declarations |
- |
| Multiple External Definitions |
- |
| Multiple Inheritance with Private Interface Class |
- |
| Multiple Inheritance with Protected Interface Class |
- |
| Multiple Inheritance with Public Base Class |
CWE:1055 |
| Multiple Inheritance with Too Many Protected Base Classes |
CWE:1055 |
| Multiple Return Statements |
- |
| Multiple Statements On Line |
CWE:1078 |
| Multiplication Overflow of Allocation Size |
CWE:128, CWE:131, CWE:190, CWE:680 |
| Multiplication Overflow of Size |
CWE:128, CWE:190, CWE:680 |
| NULL Used as Integer |
- |
| Naming Style Violation |
- |
| Negative Character Value |
CWE:681, CWE:686 |
| Negative Shift Amount |
CWE:758, CWE:1335 |
| Negative file descriptor |
CWE:687 |
| Nested Function Declaration |
CWE:710 |
| Nested Locks |
CWE:413 |
| No Matching #endif |
CWE:710 |
| No Matching #if |
CWE:710 |
| No Previous Declaration |
- |
| No Space For Null Terminator |
CWE:170 |
| Non-Boolean Preprocessor Expression |
- |
| Non-const String Literal |
CWE:1076 |
| Non-distinct Identifiers: External Names |
CWE:710 |
| Non-distinct Identifiers: Macro/Macro |
CWE:710 |
| Non-distinct Identifiers: Macro/Other |
CWE:710 |
| Non-distinct Identifiers: Nested Scope |
CWE:710 |
| Non-distinct Identifiers: Same Scope |
CWE:710 |
| Non-unique Identifiers: External Name |
CWE:710 |
| Non-unique Identifiers: Internal Name |
CWE:710 |
| Non-unique Identifiers: Tag |
CWE:710 |
| Non-unique Identifiers: Typedef |
CWE:710 |
| Non-void noreturn |
- |
| Non-zero Error Code |
- |
| Not All Warnings Are Enabled |
CWE:1076, CWE:1127 |
| Not Enough Assertions |
CWE:710 |
| Null Pointer Dereference |
CWE:476, CWE:573, CWE:690 |
| Null Security Descriptor |
CWE:284 |
| Null Test After Dereference |
CWE:690, CWE:696 |
| Object Defined in Header File |
- |
| Object Slicing |
- |
| Octal Constant |
CWE:1078, CWE:1389 |
| Out of Order Member Initializers |
- |
| Output After Input Without Positioning |
- |
| Over-initialized Element |
CWE:665, CWE:1164 |
| Overlapping Memory Regions |
CWE:475 |
| Override of Non-Virtual Method |
CWE:1076 |
| Padding Passed Across a Trust Boundary |
- |
| Partially Uninitialized Aggregate |
CWE:1419 |
| Partially Uninitialized Array |
CWE:1419 |
| Plaintext Storage of Password |
CWE:256, CWE:311, CWE:313, CWE:316, CWE:318 |
| Plaintext Transmission of Password |
CWE:311, CWE:319 |
| Pointed-to Type Could Be const |
- |
| Pointer Arithmetic |
CWE:823 |
| Pointer Before Beginning of Object |
CWE:465, CWE:823 |
| Pointer Past End of Object |
CWE:465, CWE:823 |
| Pointer Type Inside Typedef |
CWE:710 |
| Pointer to Variably-modified Array Type |
- |
| Pool Mismatch |
CWE:762 |
| Possible Anti-Debugging |
- |
| Potential Timebomb |
CWE:511 |
| Potential Unbounded Loop |
CWE:400, CWE:835 |
| Predictable Seed in PRNG |
CWE:337 |
| Preprocessing Directives in Macro Argument |
- |
| Raises FE_INVALID |
CWE:628, CWE:687, CWE:688 |
| Read Past Null Terminator |
CWE:1025 |
| Recursion |
CWE:674, CWE:710 |
| Recursive Macro |
CWE:710 |
| Redundant Condition |
CWE:482, CWE:570, CWE:571, CWE:1164 |
| Register Keyword |
- |
| Restrict Qualifier Used |
- |
| Return Pointer to Freed |
- |
| Return Pointer to Local |
CWE:562 |
| Return from Computational Exception Signal Handler |
- |
| Return from noreturn |
- |
| Returned Pointer Not Treated as const |
- |
| Risky Atomic Memory Order |
CWE:821 |
| Risky Integer Promotion |
CWE:704 |
| SQL Injection |
CWE:89 |
| Scope Could Be File Static |
CWE:1126 |
| Scope Could Be Local Static |
CWE:1126 |
| Selection in C Generic not Expanded from Macro Parameters |
- |
| Shift Amount Exceeds Bit Width |
CWE:758, CWE:1335 |
| Side Effects in C Generic Selection |
- |
| Side Effects in Expression with Decrement |
- |
| Side Effects in Expression with Increment |
- |
| Side Effects in Initializer List |
- |
| Side Effects in Logical Operand |
- |
| Side Effects in sizeof |
- |
| Signal Handler Entry Point |
- |
| Socket In Wrong State |
CWE:666, CWE:696 |
| Specialization after Use |
- |
| Static Array Parameter |
- |
| Subtraction Underflow of Allocation Size |
CWE:128, CWE:131, CWE:190, CWE:191, CWE:680 |
| Subtraction Underflow of Size |
CWE:128, CWE:190, CWE:191, CWE:680 |
| Subtraction of Unrelated Pointers |
CWE:469 |
| Tainted Allocation Size |
CWE:131, CWE:789 |
| Tainted Buffer Access |
CWE:20, CWE:119 |
| Tainted Configuration Setting |
CWE:15 |
| Tainted Environment Variable |
CWE:427 |
| Tainted Filename |
CWE:22, CWE:73, CWE:99, CWE:610, CWE:641 |
| Tainted Network Address |
CWE:99, CWE:610, CWE:641 |
| Tainted Write |
CWE:200 |
| Task Delay Function |
CWE:710 |
| Thread Entry Point |
- |
| Thread is not Joinable |
CWE:666, CWE:696 |
| Too Few Cases in switch |
- |
| Too Many Alignment Specifiers |
- |
| Too Many Dereferences |
CWE:710 |
| Too Many Parameters |
CWE:710, CWE:1064 |
| Too Many Side Effects in Assignment |
- |
| Too Many Side Effects in Condition |
- |
| Too Many Side Effects in Function Call |
- |
| Too Many Side Effects in Statement |
- |
| Too Many Side Effects in Switch |
- |
| Too Much Indirection in Declaration |
CWE:710 |
| Trigraph |
- |
| Truncation of Allocation Size |
CWE:131, CWE:192, CWE:197, CWE:680 |
| Truncation of Size |
CWE:192, CWE:197, CWE:680 |
| Try-lock that will never succeed |
CWE:413 |
| Type Mismatch |
CWE:590, CWE:686, CWE:761, CWE:762, CWE:843 |
| Type Overrun |
CWE:119 |
| Type Qualifier on Function Type |
- |
| Type Underrun |
CWE:119 |
| Typographically Ambiguous Identifiers |
CWE:1007 |
| Unbalanced Parenthesis |
CWE:710 |
| Unchecked Parameter Dereference |
CWE:476, CWE:822 |
| Undefined Macro in #if |
- |
| Undefined Power of Zero |
CWE:628, CWE:687, CWE:688 |
| Unexercised Call |
CWE:561 |
| Unexercised Computation |
CWE:561 |
| Unexercised Conditional |
CWE:561 |
| Unexercised Control Flow |
CWE:561 |
| Unexercised Data Flow |
CWE:561 |
| Uninitialized Variable |
CWE:457, CWE:758, CWE:908, CWE:1419 |
| Union Type |
- |
| Unknown Lock |
CWE:413 |
| Unnamed Field |
- |
| Unneeded Implicitly Generated Operations |
CWE:1076 |
| Unordered Initialization |
CWE:1419 |
| Unreachable Call |
CWE:561 |
| Unreachable Catch |
CWE:561, CWE:703 |
| Unreachable Computation |
CWE:561 |
| Unreachable Conditional |
CWE:561 |
| Unreachable Control Flow |
CWE:561 |
| Unreachable Data Flow |
CWE:561 |
| Unreasonable Size Argument |
CWE:687, CWE:688 |
| Unspecified Array Size with Designator Initialization |
CWE:1419 |
| Unterminated C String |
CWE:170 |
| Unterminated Escape Sequence |
- |
| Untrusted Library Load |
CWE:114 |
| Untrusted Network Host |
CWE:99, CWE:506, CWE:610 |
| Untrusted Network Port |
CWE:99, CWE:610 |
| Untrusted Process Creation |
CWE:78 |
| Unused Label |
CWE:561 |
| Unused Macro |
CWE:561 |
| Unused Parameter |
CWE:561 |
| Unused Tag |
CWE:561 |
| Unused Type |
CWE:561 |
| Unused Value |
CWE:563, CWE:1164 |
| Unused Variable |
- |
| Use After Close |
CWE:666, CWE:672, CWE:696, CWE:910 |
| Use After Free |
CWE:416, CWE:573, CWE:672, CWE:696 |
| Use of #define |
CWE:710 |
| Use of #elif |
CWE:1076 |
| Use of #elifdef |
CWE:1076 |
| Use of #elifndef |
CWE:1076 |
| Use of #else |
CWE:1076 |
| Use of #endif |
CWE:710 |
| Use of #error |
CWE:1076 |
| Use of #if |
CWE:1076 |
| Use of #ifdef |
CWE:1076 |
| Use of #ifndef |
CWE:710 |
| Use of #import |
CWE:1076 |
| Use of #include |
CWE:710 |
| Use of #include_next |
CWE:1076 |
| Use of #line |
CWE:1076 |
| Use of #pragma |
CWE:1076 |
| Use of #undef |
CWE:710 |
| Use of #using |
CWE:1076 |
| Use of #warning |
CWE:1076 |
| Use of <fenv.h> Exception Handling Function |
CWE:676 |
| Use of <setjmp.h> |
- |
| Use of <signal.h> |
CWE:676, CWE:758 |
| Use of <stdarg.h> Feature |
- |
| Use of <stdint.h> Small Integer Constant Macro |
- |
| Use of <stdio.h> Input/Output |
CWE:676, CWE:758 |
| Use of <stdio.h> Input/Output Macro |
CWE:676, CWE:758 |
| Use of <stdlib.h> Allocator/Deallocator |
CWE:710 |
| Use of <stdlib.h> Allocator/Deallocator Macro |
CWE:710 |
| Use of <tgmath.h> |
CWE:676, CWE:758 |
| Use of <time.h> Time/Date Function |
CWE:676, CWE:758 |
| Use of <wchar.h> Input/Output |
CWE:676, CWE:758 |
| Use of <wchar.h> Input/Output Macro |
CWE:676, CWE:758 |
| Use of AddAccessAllowedAce |
CWE:269, CWE:281, CWE:676 |
| Use of AddAccessDeniedAce |
CWE:269, CWE:281, CWE:676 |
| Use of AfxLoadLibrary |
CWE:676 |
| Use of AfxParseURL |
CWE:676 |
| Use of Alignas |
- |
| Use of Alignof |
- |
| Use of C Atomic |
- |
| Use of C Generic |
- |
| Use of CoLoadLibrary |
CWE:676 |
| Use of Comma Operator |
- |
| Use of Condition Variable Signal |
CWE:676 |
| Use of Condition Variable Wait |
- |
| Use of CreateFile |
CWE:676 |
| Use of CreateProcess |
CWE:676 |
| Use of CreateThread |
CWE:676 |
| Use of FormatMessage |
CWE:134, CWE:676 |
| Use of GetTempFileName |
CWE:377, CWE:676 |
| Use of L_tmpnam_s |
- |
| Use of LoadLibrary |
CWE:676 |
| Use of LoadModule |
CWE:477, CWE:676 |
| Use of MoveFile |
CWE:477, CWE:676 |
| Use of NULL |
CWE:1076 |
| Use of Noreturn |
- |
| Use of OemToAnsi |
CWE:120, CWE:676 |
| Use of OemToChar |
CWE:120, CWE:676 |
| Use of SHCreateProcessAsUserW |
CWE:676 |
| Use of SO_REUSEADDR |
CWE:605 |
| Use of ShellExecute |
CWE:676 |
| Use of StrCatChainW |
CWE:120, CWE:676 |
| Use of TMP_MAX_S |
- |
| Use of Thread Local |
- |
| Use of Weak Cryptographic Algorithm |
CWE:327 |
| Use of WinExec |
CWE:477, CWE:676 |
| Use of XML_ExternalEntityParserCreate |
- |
| Use of _exec |
CWE:676 |
| Use of _spawn |
CWE:676 |
| Use of abort |
CWE:676, CWE:758 |
| Use of abort_handler_s |
- |
| Use of asctime_s |
- |
| Use of atof |
CWE:676, CWE:758 |
| Use of atoi |
CWE:676, CWE:758 |
| Use of atol |
CWE:676, CWE:758 |
| Use of atoll |
CWE:676, CWE:758 |
| Use of bsearch |
CWE:676, CWE:758 |
| Use of bsearch_s |
- |
| Use of catch |
CWE:396 |
| Use of catopen |
CWE:676 |
| Use of chroot |
CWE:242, CWE:243, CWE:676 |
| Use of constraint_handler_t |
- |
| Use of crypt |
CWE:242, CWE:326, CWE:327, CWE:328, CWE:330, CWE:338, CWE:676 |
| Use of ctime_s |
- |
| Use of cuserid |
CWE:477, CWE:676, CWE:863 |
| Use of drem |
CWE:242, CWE:477, CWE:589 |
| Use of execlp |
CWE:676 |
| Use of execvp |
CWE:676 |
| Use of exit |
CWE:676, CWE:758 |
| Use of fopen_s |
- |
| Use of fork |
- |
| Use of fprintf_s |
- |
| Use of freopen_s |
- |
| Use of fscanf_s |
- |
| Use of fwprintf_s |
- |
| Use of fwscanf_s |
- |
| Use of gamma |
CWE:242, CWE:474, CWE:477 |
| Use of getenv |
CWE:676, CWE:758 |
| Use of getenv_s |
- |
| Use of getlogin |
CWE:558, CWE:676, CWE:863 |
| Use of getopt |
CWE:120, CWE:676 |
| Use of getpass |
CWE:120, CWE:676 |
| Use of gets |
CWE:120, CWE:242 |
| Use of gets_s |
- |
| Use of getwd |
CWE:120, CWE:242 |
| Use of gmtime_s |
- |
| Use of ignore_handler_s |
- |
| Use of localtime_s |
- |
| Use of longjmp |
CWE:242, CWE:676, CWE:691, CWE:710 |
| Use of mbsrtowcs_s |
- |
| Use of mbstowcs_s |
- |
| Use of memcmp |
- |
| Use of memcpy_s |
- |
| Use of memmove_s |
- |
| Use of memset |
CWE:14, CWE:676, CWE:1037 |
| Use of memset_s |
- |
| Use of mkstemp |
CWE:377, CWE:676 |
| Use of mktemp |
CWE:242, CWE:377, CWE:676 |
| Use of offsetof |
- |
| Use of popen |
CWE:676 |
| Use of printf_s |
- |
| Use of pthread_kill |
CWE:676 |
| Use of putenv |
CWE:676, CWE:758 |
| Use of qsort |
CWE:676 |
| Use of qsort_s |
- |
| Use of rand |
CWE:327, CWE:332, CWE:334, CWE:338, CWE:676 |
| Use of rand48 Function |
CWE:327, CWE:332, CWE:334, CWE:338, CWE:676 |
| Use of random |
CWE:327, CWE:332, CWE:334, CWE:338, CWE:676 |
| Use of realloc |
CWE:676 |
| Use of realpath |
CWE:676, CWE:785 |
| Use of recvmsg |
CWE:120, CWE:676 |
| Use of scanf_s |
- |
| Use of set_constraint_handler_s |
- |
| Use of setjmp |
CWE:242, CWE:676, CWE:691, CWE:710 |
| Use of setlocale |
- |
| Use of setuid |
CWE:676 |
| Use of signal |
CWE:676 |
| Use of snprintf_s |
- |
| Use of snwprintf_s |
- |
| Use of sprintf_s |
- |
| Use of sscanf_s |
- |
| Use of std::locale::global |
- |
| Use of strcat |
CWE:120, CWE:676 |
| Use of strcat_s |
- |
| Use of strchr |
CWE:120, CWE:676 |
| Use of strcmp |
CWE:120, CWE:676 |
| Use of strcoll |
CWE:120, CWE:676 |
| Use of strcpy |
CWE:120, CWE:676 |
| Use of strcpy_s |
- |
| Use of strcspn |
CWE:120, CWE:676 |
| Use of strerror_s |
- |
| Use of strerrorlen_s |
- |
| Use of strlen |
CWE:120, CWE:676 |
| Use of strncat_s |
- |
| Use of strncpy_s |
- |
| Use of strnlen_s |
- |
| Use of strpbrk |
CWE:120, CWE:676 |
| Use of strrchr |
CWE:120, CWE:676 |
| Use of strspn |
CWE:120, CWE:676 |
| Use of strstr |
CWE:120, CWE:676 |
| Use of strtok |
CWE:120, CWE:676 |
| Use of strtok_s |
- |
| Use of strtrns |
CWE:120, CWE:676 |
| Use of swprintf_s |
- |
| Use of swscanf_s |
- |
| Use of syslog |
CWE:120, CWE:676 |
| Use of system |
CWE:676 |
| Use of t_open |
CWE:676 |
| Use of throw |
CWE:397 |
| Use of tmpfile |
CWE:242, CWE:377, CWE:676 |
| Use of tmpfile_s |
CWE:377, CWE:676 |
| Use of tmpnam |
CWE:242, CWE:377, CWE:676 |
| Use of tmpnam_s |
CWE:377, CWE:676 |
| Use of ttyname |
CWE:676 |
| Use of vfork |
CWE:242, CWE:676 |
| Use of vfprintf_s |
- |
| Use of vfscanf_s |
- |
| Use of vfwprintf_s |
- |
| Use of vfwscanf_s |
- |
| Use of vprintf_s |
- |
| Use of vscanf_s |
- |
| Use of vsnprintf_s |
- |
| Use of vsnwprintf_s |
- |
| Use of vsprintf_s |
- |
| Use of vsscanf_s |
- |
| Use of vswprintf_s |
- |
| Use of vswscanf_s |
- |
| Use of vwprintf_s |
- |
| Use of vwscanf_s |
- |
| Use of wcrtomb_s |
- |
| Use of wcscat_s |
- |
| Use of wcscpy_s |
- |
| Use of wcsncat_s |
- |
| Use of wcsncpy_s |
- |
| Use of wcsnlen_s |
- |
| Use of wcsrtombs_s |
- |
| Use of wcstok_s |
- |
| Use of wcstombs_s |
- |
| Use of wctomb_s |
- |
| Use of wmemcpy_s |
- |
| Use of wmemmove_s |
- |
| Use of wprintf_s |
- |
| Use of wscanf_s |
- |
| Useless Assignment |
CWE:1164 |
| Using Declaration in Header File |
- |
| Using Directive |
- |
| Using Directive in Header File |
- |
| Varargs Function Cast |
CWE:704 |
| Variable Could Be const |
CWE:710 |
| Variadic Macro |
CWE:710 |
| Virtual Base Class |
- |
| Virtual Base Class not In Diamond |
- |
| Virtual Call in Constructor |
CWE:1419 |
| Virtual Call in Destructor |
- |
| Virtual and Non-Virtual Base Class |
- |
| Void C Atomic |
- |
| Warnings Not Treated As Errors |
CWE:1076, CWE:1127 |
| Weak Cryptography |
CWE:326, CWE:327, CWE:330, CWE:338, CWE:676 |
| Write to Read Only File |
- |
| chroot without chdir |
CWE:243, CWE:676 |
| cosh on High Number |
CWE:628, CWE:687, CWE:688 |
| cosh on Low Number |
CWE:628, CWE:687, CWE:688 |
| delete with Non-Virtual Destructor |
CWE:1079, CWE:1087 |
| sizeof Array Parameter |
CWE:467 |
| sqrt on Negative Value |
CWE:628, CWE:687, CWE:688 |
| switch With Non-enum Expression |
CWE:1106 |
| Class Name |
CWE IDs |
|---|
| == Always Fails Because Types Always Different (Java) |
CWE:1024 |
| Abs on random (Java) |
CWE:682 |
| Accessing File in Permissive Mode (Java) |
CWE:732 |
| Actual Parameter Element may be null (Java) |
CWE:476 |
| Ambiguous Call from Inner Class (Java) |
CWE:1076 |
| Android Leak (Java) |
CWE:664 |
| Android Message Injection (Java) |
CWE:319 |
| Android URL Injection (Java) |
CWE:74, CWE:601 |
| Anonymous LDAP Authentication (Java) |
CWE:1390 |
| Approximate e Constant (Java) |
CWE:197, CWE:1078, CWE:1339 |
| Approximate pi Constant (Java) |
CWE:197, CWE:1078, CWE:1339 |
| Array Parameter Empty (Java) |
CWE:628 |
| Assertion Contains Side Effects (Java) |
CWE:665 |
| Assignment in Conditional (Java) |
CWE:481 |
| Asymmetric compareTo (Java) |
CWE:697 |
| Bitwise AND on Boolean (Java) |
CWE:768 |
| Bitwise AND on Boolean Constant (Java) |
CWE:480 |
| Bitwise OR on Boolean (Java) |
CWE:768 |
| Bitwise OR on Boolean Constant (Java) |
CWE:480 |
| Blocking in Critical Section (Java) |
CWE:833 |
| Broad Throws Clause (Java) |
CWE:397 |
| Call Might Return Null (Java) |
CWE:252 |
| Cast: Integer to Floating Point (Java) |
CWE:192 |
| Cast: int Computation to long (Java) |
CWE:190, CWE:191 |
| Certificate Added to Root Store (Java) |
CWE:922 |
| Class Enables Debug Features (Java) |
CWE:489 |
| Clone Call to Super is Missing (Java) |
CWE:580 |
| Closeable Not Closed (Java) |
CWE:772 |
| Closeable Not Stored (Java) |
CWE:400 |
| Code Injection (Java) |
CWE:94 |
| Command Injection (Java) |
CWE:78 |
| Comparison to Class Names (Java) |
CWE:486 |
| Comparison to Empty String (Java) |
CWE:597 |
| Copy-Paste Error |
CWE:1041 |
| Cross Site Scripting (Java) |
CWE:79 |
| Cross Site Scripting In Error Message Web Page (Java) |
CWE:79, CWE:81 |
| Cryptographic Algorithm with Risky Default Cipher (Java) |
CWE:327 |
| Cryptographic Algorithm with Weak Cipher (Java) |
CWE:327 |
| Cryptographic Algorithm with Weak Hash (Java) |
CWE:328 |
| DLL Injection (Java) |
CWE:74, CWE:114 |
| DOS Injection (Java) |
CWE:74 |
| Debug Call (Java) |
CWE:382, CWE:489 |
| Debug Warning (Java) |
CWE:209, CWE:477, CWE:537 |
| Defines equals but not hashCode (Java) |
CWE:581 |
| Defines hashCode but not equals (Java) |
CWE:581 |
| Deprecated Cryptography Provider (Java) |
CWE:327 |
| Deprecated Transfer Protocol (Java) |
CWE:757 |
| Deserializable Class (Java) |
CWE:502, CWE:913 |
| Deserializing Non-Serializable Class (Java) |
CWE:913 |
| Direct Thread Usage in Http Servlet (Java) |
CWE:383 |
| Double-Checked Locking (Java) |
CWE:366, CWE:609 |
| Empty Branch Statement (Java) |
CWE:1071 |
| Empty Exception Handler (Java) |
CWE:390 |
| Empty jar File Archived (Java) |
CWE:909 |
| Empty zip File Archived (Java) |
CWE:909 |
| Exception Information Disclosure (Java) |
CWE:537, CWE:550 |
| Execution After Redirect (Java) |
CWE:698 |
| Explicit Finalize (Java) |
CWE:586 |
| Field Element may be null (deep) (Java) |
CWE:476 |
| Field Never Read (Java) |
CWE:1164 |
| Field Never Written (Java) |
CWE:456 |
| Field Too Visible (Java) |
CWE:487, CWE:608, CWE:766, CWE:1061 |
| Field may be null (deep) (Java) |
CWE:476 |
| Floating Point Equality (Java) |
CWE:1077 |
| Format String Injection (Java) |
CWE:134 |
| Fragment Injection (Java) |
CWE:470 |
| Generic Exception Handler (Java) |
CWE:396 |
| Hardcoded Cryptographic Key (Java) |
CWE:321 |
| Hardcoded Filename (Java) |
CWE:547 |
| Hardcoded IP Address (Java) |
CWE:547 |
| Hardcoded Password (Java) |
CWE:259 |
| Hardcoded Random Seed (Java) |
CWE:330 |
| Hostname in Condition (Java) |
CWE:287 |
| Ignored Return Value (Java) |
CWE:252 |
| Ignored Return Value for Pure Function (Java) |
CWE:252 |
| Impossible Client Side Locking (Java) |
CWE:413 |
| Impossible reference comparison (Java) |
CWE:570 |
| Inadequate Salt (Java) |
CWE:916 |
| Inappropriate Exception Handler (Java) |
CWE:395 |
| Inappropriate Instanceof (Java) |
CWE:1076 |
| Ineffective Cleansing of Fragment Taint (Java) |
CWE:287 |
| Inefficient Bitwise AND (Java) |
CWE:480 |
| Inefficient Bitwise OR (Java) |
CWE:480 |
| Inefficient Box-Unbox (Java) |
- |
| Inefficient Instantiation (Java) |
CWE:400 |
| Inner Class Should be Static (Java) |
CWE:492 |
| Insecure Class Loader (Java) |
CWE:913 |
| Insecure Cookie (Java) |
CWE:614 |
| Insecure Key Derivation (Java) |
CWE:326 |
| Insecure Random Number Generator (Java) |
CWE:330 |
| Insecure Socket Factory (Java) |
CWE:295 |
| Insecure XSLT Execution (Java) |
CWE:611 |
| Insecure verifier Override for Hostname (Java) |
CWE:287 |
| Insecure verify Override for Certificate (Java) |
CWE:295 |
| Instanceof Always False (Java) |
CWE:570 |
| Instanceof Always True (Java) |
CWE:571 |
| JavaScript Enabled (Java) |
CWE:749 |
| JavaScript File Access from File URLs (Java) |
CWE:749 |
| LDAP Authentication Disabled (Java) |
CWE:1390 |
| Lambda Parameter may be null (Java) |
CWE:456 |
| Legacy Random Generator (Java) |
CWE:330 |
| Method Disables Security Setting (Java) |
CWE:676 |
| Method Enables Debug Features (Java) |
CWE:489 |
| Method Names Differ Only in Case (Java) |
CWE:628 |
| Method Should Not Return null (Java) |
CWE:476 |
| Method Should be final (Java) |
CWE:493 |
| Method Should be private (Java) |
CWE:1061 |
| Missing Authentication Annotation (Java) |
CWE:287 |
| Missing Call to super (Java) |
CWE:103, CWE:568, CWE:573, CWE:580 |
| Missing Equals Override (Java) |
CWE:1023 |
| Missing JavaScript Entry Point (Java) |
CWE:749 |
| Missing JavaScript Execution (Java) |
CWE:749 |
| Missing Required Cryptographic Step (Java) |
CWE:325 |
| Missing Serial Version Field (Java) |
CWE:913, CWE:1076 |
| Missing isValidFragment Override (Java) |
CWE:1173 |
| Missing synchronized Statement (Java) |
CWE:366, CWE:567 |
| Mutable Constant Field (Java) |
CWE:607 |
| Mutable Enumeration (Java) |
CWE:607 |
| Mutable Public Static Final Array (Java) |
CWE:582, CWE:607 |
| Naming Style Violation (Java) |
CWE:710 |
| Non-Object compareTo Parameter (Java) |
CWE:1097 |
| Non-overriding Method Signature (Java) |
CWE:686 |
| Nonserializable Field (Java) |
CWE:913 |
| Nonserializable Field Element (Java) |
CWE:913 |
| Nonserializable Outer Class (Java) |
CWE:913 |
| Null Parameter Dereference (Java) |
CWE:476 |
| Null Pointer Dereference (Java) |
CWE:456, CWE:476 |
| Null Pointer Dereference (deep) (Java) |
CWE:476 |
| Open Redirect (Java) |
CWE:601 |
| Password in Property File (Java) |
CWE:522 |
| Permissive File Mode (Java) |
CWE:732 |
| Possible XML External Entity Reference (Java) |
CWE:611 |
| Potential Infinite Recursion (Java) |
CWE:674 |
| Potential LDAP Poisoning (Java) |
CWE:349 |
| Redundant Call for Integral Argument (Java) |
- |
| Redundant Call for String Argument (Java) |
CWE:1164 |
| Redundant Condition (Java) |
CWE:570, CWE:571 |
| Redundant Implements Clause (Java) |
CWE:1164 |
| Reflection Bypasses Member Accessibility (Java) |
CWE:915 |
| Reflection Injection (Java) |
CWE:470 |
| Reflection Modifies Member Accessibility (Java) |
CWE:915 |
| Return Value may Contain null Element (Java) |
CWE:476 |
| Return Value may be null (Java) |
CWE:476 |
| Return null Array (Java) |
CWE:476 |
| Return null Boolean (Java) |
CWE:476 |
| Return null Optional (Java) |
CWE:476 |
| Risky Cipher Algorithm (Java) |
CWE:327 |
| Risky Cipher Field (Java) |
CWE:327 |
| Risky Class Cast (Java) |
CWE:704 |
| Risky Cryptographic Algorithm (Java) |
CWE:327 |
| Risky Cryptographic Field (Java) |
CWE:327 |
| Risky JavaScript Interface (Java) |
CWE:749 |
| Risky array store (Java) |
CWE:704 |
| SQL Injection (Java) |
CWE:89 |
| Security Annotation Conflict (Java) |
CWE:749 |
| Sensitive Data Cached (Java) |
CWE:524 |
| Sensitive Data Written to External Storage (Java) |
CWE:259 |
| Sensitive Data Written to Local File (Java) |
CWE:538 |
| Serialization Not Disabled (Java) |
CWE:499, CWE:502 |
| Shadowed Identifier (Java) |
CWE:1076 |
| Should Use == Instead of equals() (Java) |
CWE:480 |
| Should Use equals() Instead of == (Java) |
CWE:595 |
| Single-use Random Number Generator (Java) |
CWE:1176 |
| Static Field Assigned Non-Static (Java) |
CWE:1164 |
| Static Field Too Visible (Java) |
CWE:487, CWE:608, CWE:766, CWE:1061 |
| Synchronization on Interned String (Java) |
CWE:366, CWE:412 |
| Synchronization on static (Java) |
CWE:366, CWE:413 |
| Synchronous Call to Thread Body (Java) |
CWE:572 |
| Tainted @Trusted Value (Java) |
CWE:74 |
| Tainted Allocation Size (Java) |
CWE:789 |
| Tainted Bundle (Java) |
CWE:501 |
| Tainted Control (Java) |
CWE:74 |
| Tainted Data in Vulnerable Method (Java) |
CWE:74, CWE:349 |
| Tainted Expression Evaluation (Java) |
CWE:95, CWE:917 |
| Tainted HTTP Response (Java) |
CWE:113 |
| Tainted Hardware Device Property (Java) |
CWE:74 |
| Tainted LDAP Attribute (Java) |
CWE:90 |
| Tainted LDAP Filter (Java) |
CWE:90 |
| Tainted Log (Java) |
CWE:117 |
| Tainted Message (Java) |
CWE:319 |
| Tainted Network Address (Java) |
CWE:74 |
| Tainted Path (Java) |
CWE:22 |
| Tainted Regular Expression (Java) |
CWE:624 |
| Tainted Resource (Java) |
CWE:74 |
| Tainted Session (Java) |
CWE:501 |
| Tainted URL (Java) |
CWE:74, CWE:601 |
| Tainted XAML (Java) |
CWE:74 |
| Tainted XML (Java) |
CWE:74 |
| Tainted Xpath (Java) |
CWE:643 |
| Unchecked Parameter Dereference (Java) |
CWE:476 |
| Unchecked Parameter Dereference (deep) (Java) |
CWE:476 |
| Unchecked Parameter Element Dereference (deep) (Java) |
CWE:476 |
| Unexpected Serial Version Field (Java) |
CWE:913 |
| Unguarded Field (Java) |
CWE:366, CWE:567 |
| Unguarded Method (Java) |
CWE:366, CWE:820 |
| Unguarded Parameter (Java) |
CWE:366, CWE:567 |
| Universal JavaScript Access to File URLs (Java) |
CWE:749 |
| Unnecessary Field (Java) |
CWE:563, CWE:1126 |
| Unnecessary Instantiation for GetClass (Java) |
- |
| Unreachable Instruction (Java) |
CWE:561 |
| Unsafe Base64 Encoding (Java) |
CWE:327 |
| Unsafe Session Expiration Time (Java) |
CWE:613 |
| Untrusted Network Host (Java) |
CWE:295 |
| Unused Class (Java) |
CWE:561 |
| Unused Field (Java) |
CWE:1164 |
| Unused Method (Java) |
CWE:561 |
| Unused Object (Java) |
CWE:1164 |
| Unused Value: Actual Parameter (Java) |
CWE:563 |
| Unused Value: Variable (Java) |
CWE:563 |
| Unused Value: Write to Parameter (Java) |
CWE:563 |
| Use of Hardware ID (Java) |
CWE:200 |
| Use of Insecure verify for Certificate (Java) |
CWE:295 |
| Use of Insecure verify for Hostname (Java) |
CWE:287 |
| Use of Same Seed (Java) |
CWE:336 |
| Useless Assignment (Java) |
CWE:665 |
| Useless Assignment to Default (Java) |
CWE:665 |
| Useless Class Cast (Java) |
CWE:1164 |
| Useless Synchronization (Java) |
CWE:585 |
| Useless null Test (Java) |
CWE:1164 |
| Useless null Test of Field (Java) |
CWE:1164 |
| Useless null Test of Parameter (Java) |
CWE:1164 |
| Useless null Test of Return Value (Java) |
CWE:253 |
| Useless volatile Modifier (Java) |
CWE:567, CWE:662 |
| Weak Cryptographic Value (Java) |
CWE:338 |
| Weak Hash Algorithm (Java) |
CWE:328 |
| Weak Hash Algorithm Field (Java) |
CWE:328 |
| Weak Initialization Vector Field (Java) |
CWE:1204 |
| Weak Initialization Vector Value (Java) |
CWE:1204 |
| clone Non-cloneable (Java) |
CWE:491 |
| clone Subclass of Non-clonable (Java) |
CWE:491 |
| clone not final (Java) |
CWE:491 |
| compareTo in Non-Comparable Class (Java) |
CWE:1076 |
| compareTo without equals (Java) |
CWE:697 |
| compareTo/equals mismatch (Java) |
CWE:697 |
| equals Always Fails (Java) |
CWE:570 |
| equals Parameter Should Be Object (Java) |
CWE:1076 |
| equals on Array (Java) |
CWE:595 |
| null Passed to Method (deep) (Java) |
CWE:476 |
| toString on Array (Java) |
CWE:440 |
| Class Name |
CWE IDs |
|---|
| 'Buffer.BlockCopy' expects the number of bytes to be copied for the 'count' argument (C#) |
- |
| 'ThreadStatic' only affects static fields (C#) |
- |
| == Always Fails Because Types Always Different (C#) |
CWE:1024 |
| A constant is expected for the parameter (C#) |
- |
| Abs on random (C#) |
CWE:682 |
| Abstract types should not have public constructors (C#) |
- |
| Actual Parameter Element may be null (C#) |
CWE:476 |
| All members declared in parent interfaces must have an implementation in a DynamicInterfaceCastableImplementation-attributed interface (C#) |
- |
| Ambiguous Call from Inner Class (C#) |
CWE:1076 |
| Anonymous LDAP Authentication (C#) |
CWE:1390 |
| Approximate e Constant (C#) |
CWE:197, CWE:1078, CWE:1339 |
| Approximate pi Constant (C#) |
CWE:197, CWE:1078, CWE:1339 |
| Argument passed to TaskCompletionSource constructor should be TaskCreationOptions enum instead of TaskContinuationOptions enum (C#) |
- |
| Assigning symbol and its member in the same statement (C#) |
- |
| Assignment in Conditional (C#) |
CWE:481 |
| Asymmetric compareTo (C#) |
CWE:697 |
| Attribute string literals should parse correctly (C#) |
- |
| Avoid 'StringBuilder' parameters for P/Invokes (C#) |
- |
| Avoid constant arrays as arguments (C#) |
- |
| Avoid dead conditional code (C#) |
- |
| Avoid empty interfaces (C#) |
- |
| Avoid excessive class coupling (C#) |
- |
| Avoid excessive complexity (C#) |
- |
| Avoid excessive inheritance (C#) |
- |
| Avoid excessive parameters on generic types (C#) |
- |
| Avoid hardcoded SslProtocols values (C#) |
- |
| Avoid hardcoding SecurityProtocolType value (C#) |
- |
| Avoid infinite recursion (C#) |
- |
| Avoid out parameters (C#) |
- |
| Avoid uninstantiated internal classes (C#) |
- |
| Avoid unmaintainable code (C#) |
- |
| Avoid unsealed attributes (C#) |
- |
| Avoid unused private fields (C#) |
- |
| Avoid using 'Enumerable.Any()' extension method (C#) |
- |
| Avoid using cref tags with a prefix (C#) |
- |
| Avoid zero-length array allocations (C#) |
- |
| Bitwise AND on Boolean (C#) |
CWE:768 |
| Bitwise AND on Boolean Constant (C#) |
CWE:480 |
| Bitwise OR on Boolean (C#) |
CWE:768 |
| Bitwise OR on Boolean Constant (C#) |
CWE:480 |
| Blocking in Critical Section (C#) |
CWE:833 |
| Cache and reuse 'JsonSerializerOptions' instances (C#) |
- |
| Call Might Return Null (C#) |
CWE:252 |
| Call async methods when in an async method (C#) |
- |
| CancellationToken parameters must come last (C#) |
- |
| Cast: Integer to Floating Point (C#) |
CWE:192 |
| Cast: int Computation to long (C#) |
CWE:190 |
| Certificate Added to Root Store (C#) |
CWE:922 |
| Class Enables Debug Features (C#) |
CWE:489 |
| Closeable Not Closed (C#) |
CWE:772 |
| Closeable Not Stored (C#) |
CWE:400 |
| Code Injection (C#) |
CWE:94 |
| Collection properties should be read only (C#) |
- |
| Command Injection (C#) |
CWE:78 |
| Comparison to Class Names (C#) |
CWE:486 |
| Comparison to Empty String (C#) |
CWE:597 |
| Consider calling ConfigureAwait on the awaited task (C#) |
- |
| Consider using 'StringBuilder.Append(char)' when applicable (C#) |
- |
| Consider using 'string.Contains' instead of 'string.IndexOf' (C#) |
- |
| Copy-Paste Error |
CWE:1041 |
| Cross Site Scripting (C#) |
CWE:79, CWE:81 |
| Cross Site Scripting In Error Message Web Page (C#) |
CWE:79, CWE:81 |
| Cryptographic Algorithm with Risky Default Cipher (C#) |
CWE:327 |
| Cryptographic Algorithm with Weak Cipher (C#) |
CWE:327 |
| Cryptographic Algorithm with Weak Hash (C#) |
CWE:328 |
| DLL Injection (C#) |
CWE:74, CWE:114 |
| DOS Injection (C#) |
CWE:74 |
| Debug Call (C#) |
CWE:489 |
| Debug Warning (C#) |
CWE:477 |
| Declare types in namespaces (C#) |
- |
| Define accessors for attribute arguments (C#) |
- |
| Defines equals but not hashCode (C#) |
CWE:581 |
| Defines hashCode but not equals (C#) |
CWE:581 |
| Deprecated Cryptography Provider (C#) |
CWE:327 |
| Deprecated Transfer Protocol (C#) |
CWE:757 |
| Deserializable Class (C#) |
CWE:913 |
| Disabled Input Validation (C#) |
CWE:20 |
| Disposable fields should be disposed (C#) |
- |
| Disposable types should declare finalizer (C#) |
- |
| Dispose methods should call SuppressFinalize (C#) |
- |
| Dispose methods should call base class dispose (C#) |
- |
| Dispose objects before losing scope (C#) |
- |
| Do Not Add Archive Item's Path To The Target File System Path (C#) |
- |
| Do Not Add Certificates To Root Store (C#) |
- |
| Do Not Add Schema By URL (C#) |
- |
| Do Not Call Dangerous Methods In Deserialization (C#) |
- |
| Do Not Catch Corrupted State Exceptions (C#) |
- |
| Do Not Disable Certificate Validation (C#) |
- |
| Do Not Disable HTTP Header Checking (C#) |
- |
| Do Not Disable Request Validation (C#) |
- |
| Do Not Disable SChannel Use of Strong Crypto (C#) |
- |
| Do Not Serialize Types With Pointer Fields (C#) |
- |
| Do Not Use Account Shared Access Signature (C#) |
- |
| Do Not Use Broken Cryptographic Algorithms (C#) |
- |
| Do Not Use Deprecated Security Protocols (C#) |
- |
| Do Not Use Digital Signature Algorithm (DSA) (C#) |
- |
| Do Not Use Weak Cryptographic Algorithms (C#) |
- |
| Do Not Use Weak Key Derivation Function With Insufficient Iteration Count (C#) |
- |
| Do Not Use XslTransform (C#) |
- |
| Do not always skip token validation in delegates (C#) |
- |
| Do not assign a property to itself (C#) |
- |
| Do not call BinaryFormatter.Deserialize without first setting BinaryFormatter.Binder (C#) |
- |
| Do not call Enumerable.Cast<T> or Enumerable.OfType<T> with incompatible types (C#) |
- |
| Do not call ToImmutableCollection on an ImmutableCollection value (C#) |
- |
| Do not call overridable methods in constructors (C#) |
- |
| Do not catch general exception types (C#) |
- |
| Do not create tasks without passing a TaskScheduler (C#) |
- |
| Do not declare event fields as virtual (C#) |
- |
| Do not declare protected member in sealed type (C#) |
- |
| Do not declare static members on generic types (C#) |
- |
| Do not declare visible instance fields (C#) |
- |
| Do not define finalizers for types derived from MemoryManager<T> (C#) |
- |
| Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver (C#) |
- |
| Do not deserialize with JsonSerializer using an insecure configuration (C#) |
- |
| Do not deserialize without first setting NetDataContractSerializer.Binder (C#) |
- |
| Do not disable ServicePointManagerSecurityProtocols (C#) |
- |
| Do not disable token validation checks (C#) |
- |
| Do not duplicate indexed element initializations (C#) |
- |
| Do not expose generic lists (C#) |
- |
| Do not hard-code certificate (C#) |
- |
| Do not hard-code encryption key (C#) |
- |
| Do not hide base class methods (C#) |
- |
| Do not ignore method results (C#) |
- |
| Do not initialize unnecessarily (C#) |
- |
| Do not lock on objects with weak identity (C#) |
- |
| Do not mark enums with FlagsAttribute (C#) |
- |
| Do not name enum values 'Reserved' (C#) |
- |
| Do not overload equality operator on reference types (C#) |
- |
| Do not pass literals as localized parameters (C#) |
- |
| Do not pass types by reference (C#) |
- |
| Do not prefix enum values with type name (C#) |
- |
| Do not raise exceptions in finally clauses (C#) |
- |
| Do not raise exceptions in unexpected locations (C#) |
- |
| Do not raise reserved exception types (C#) |
- |
| Do not use 'OutAttribute' on string parameters for P/Invokes (C#) |
- |
| Do not use 'WaitAll' with a single task (C#) |
- |
| Do not use 'WhenAll' with a single task (C#) |
- |
| Do not use ConfigureAwaitOptions.SuppressThrowing with Task<TResult> (C#) |
- |
| Do not use Count() or LongCount() when Any() can be used (C#) |
- |
| Do not use CountAsync() or LongCountAsync() when AnyAsync() can be used (C#) |
- |
| Do not use CreateEncryptor with non-default IV (C#) |
- |
| Do not use DataSet.ReadXml() with untrusted data (C#) |
- |
| Do not use DataTable.ReadXml() with untrusted data (C#) |
- |
| Do not use Enumerable methods on indexable collections (C#) |
- |
| Do not use ReferenceEquals with value types (C#) |
- |
| Do not use TypeNameHandling values other than None (C#) |
- |
| Do not use deprecated SslProtocols values (C#) |
- |
| Do not use insecure JsonSerializerSettings (C#) |
- |
| Do not use insecure deserializer BinaryFormatter (C#) |
- |
| Do not use insecure deserializer LosFormatter (C#) |
- |
| Do not use insecure deserializer NetDataContractSerializer (C#) |
- |
| Do not use insecure deserializer ObjectStateFormatter (C#) |
- |
| Do not use insecure randomness (C#) |
- |
| Do not use obsolete key derivation function (C#) |
- |
| Do not use stackalloc in loops (C#) |
- |
| Do not use unsafe DllImportSearchPath value (C#) |
- |
| Double-Checked Locking (C#) |
CWE:609 |
| Empty Branch Statement (C#) |
CWE:1071 |
| Empty Exception Handler (C#) |
CWE:390 |
| Empty zip File Archived (C#) |
CWE:909 |
| Ensure BinaryFormatter.Binder is set before calling BinaryFormatter.Deserialize (C#) |
- |
| Ensure Certificates Are Not Added To Root Store (C#) |
- |
| Ensure HttpClient certificate revocation list check is not disabled (C#) |
- |
| Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing (C#) |
- |
| Ensure Key Derivation Function algorithm is sufficiently strong (C#) |
- |
| Ensure NetDataContractSerializer.Binder is set before deserializing (C#) |
- |
| Ensure Sufficient Iteration Count When Using Weak Key Derivation Function (C#) |
- |
| Ensure Use Secure Cookies In ASP.NET Core (C#) |
- |
| Ensure auto-generated class containing DataSet.ReadXml() is not used with untrusted data (C#) |
- |
| Ensure that JsonSerializer has a secure configuration when deserializing (C#) |
- |
| Ensure that JsonSerializerSettings are secure (C#) |
- |
| Enum Storage should be Int32 (C#) |
- |
| Enums should have zero value (C#) |
- |
| Enums values should not be duplicated (C#) |
- |
| Events should not have 'Before' or 'After' prefix (C#) |
- |
| Exception Information Disclosure (C#) |
CWE:550 |
| Exceptions should be public (C#) |
- |
| Execution After Redirect (C#) |
CWE:698 |
| Field Element may be null (deep) (C#) |
CWE:476 |
| Field Never Read (C#) |
CWE:1164 |
| Field Never Written (C#) |
CWE:456 |
| Field Too Visible (C#) |
CWE:1061 |
| Field may be null (deep) (C#) |
CWE:476 |
| Floating Point Equality (C#) |
CWE:1077 |
| Format String Injection (C#) |
CWE:134 |
| Forward the 'CancellationToken' parameter to methods (C#) |
- |
| Generic Exception Handler (C#) |
CWE:396 |
| Generic interface should also be implemented (C#) |
- |
| Hardcoded Cryptographic Key (C#) |
CWE:321 |
| Hardcoded Filename (C#) |
CWE:547 |
| Hardcoded IP Address (C#) |
CWE:547 |
| Hardcoded Password (C#) |
CWE:259 |
| Hardcoded Random Seed (C#) |
CWE:330 |
| Hostname in Condition (C#) |
CWE:287 |
| HttpClients should enable certificate revocation list checks (C#) |
- |
| Identifier contains type name (C#) |
- |
| Identifiers should differ by more than case (C#) |
- |
| Identifiers should have correct prefix (C#) |
- |
| Identifiers should have correct suffix (C#) |
- |
| Identifiers should not contain underscores (C#) |
- |
| Identifiers should not have incorrect suffix (C#) |
- |
| Identifiers should not match keywords (C#) |
- |
| Ignored Return Value (C#) |
CWE:252 |
| Ignored Return Value for Pure Function (C#) |
CWE:252 |
| Implement IDisposable Correctly (C#) |
- |
| Implement IEquatable when overriding Object.Equals (C#) |
- |
| Implement standard exception constructors (C#) |
- |
| Impossible Client Side Locking (C#) |
CWE:413 |
| Impossible reference comparison (C#) |
CWE:570 |
| Improper 'ThreadStatic' field initialization (C#) |
- |
| Inadequate Salt (C#) |
CWE:916 |
| Inappropriate Exception Handler (C#) |
CWE:395 |
| Inappropriate Instanceof (C#) |
CWE:1076 |
| Incorrect usage of ConstantExpected attribute (C#) |
- |
| Inefficient Bitwise AND (C#) |
CWE:480 |
| Inefficient Bitwise OR (C#) |
CWE:480 |
| Initialize reference type static fields inline (C#) |
- |
| Initialize value type static fields inline (C#) |
- |
| Insecure Cookie (C#) |
CWE:614 |
| Insecure DTD processing in XML (C#) |
- |
| Insecure Key Derivation (C#) |
CWE:326 |
| Insecure Processing in API Design, XmlDocument and XmlTextReader (C#) |
- |
| Insecure Random Number Generator (C#) |
CWE:330 |
| Insecure XSLT Execution (C#) |
CWE:611 |
| Insecure XSLT script processing (C#) |
- |
| Instanceof Always False (C#) |
CWE:570 |
| Instanceof Always True (C#) |
CWE:571 |
| Instantiate argument exceptions correctly (C#) |
- |
| Interface methods should be callable by child types (C#) |
- |
| Invalid entry in code metrics rule specification file (C#) |
- |
| Legacy Random Generator (C#) |
CWE:330 |
| Mark ISerializable types with serializable (C#) |
- |
| Mark Verb Handlers With Validate Antiforgery Token (C#) |
- |
| Mark all non-serializable fields (C#) |
- |
| Mark assemblies with CLSCompliant (C#) |
- |
| Mark assemblies with ComVisible (C#) |
- |
| Mark assemblies with NeutralResourcesLanguageAttribute (C#) |
- |
| Mark assemblies with assembly version (C#) |
- |
| Mark attributes with AttributeUsageAttribute (C#) |
- |
| Mark enums with FlagsAttribute (C#) |
- |
| Mark members as static (C#) |
- |
| Members defined on an interface with the 'DynamicInterfaceCastableImplementationAttribute' should be 'static' (C#) |
- |
| Method Disables Security Setting (C#) |
CWE:676 |
| Method Enables Debug Features (C#) |
CWE:489 |
| Method Names Differ Only in Case (C#) |
CWE:628 |
| Method Should Not Return null (C#) |
CWE:476 |
| Method Should be final (C#) |
CWE:493 |
| Method Should be private (C#) |
CWE:1061 |
| Miss HttpVerb attribute for action methods (C#) |
- |
| Missing Authentication Annotation (C#) |
CWE:287 |
| Missing Call to super (C#) |
CWE:573 |
| Missing Equals Override (C#) |
CWE:1023 |
| Missing Required Cryptographic Step (C#) |
CWE:325 |
| Missing synchronized Statement (C#) |
CWE:567 |
| Move pinvokes to native methods class (C#) |
- |
| Mutable Constant Field (C#) |
CWE:607 |
| Mutable Enumeration (C#) |
CWE:607 |
| Mutable Public Static Final Array (C#) |
CWE:582, CWE:607 |
| Named placeholders should not be numeric values (C#) |
- |
| Naming Style Violation (C#) |
CWE:710 |
| Nested types should not be visible (C#) |
- |
| Non-Object compareTo Parameter (C#) |
CWE:1097 |
| Non-constant fields should not be visible (C#) |
- |
| Non-overriding Method Signature (C#) |
CWE:686 |
| Nonserializable Field (C#) |
CWE:913 |
| Nonserializable Field Element (C#) |
CWE:913 |
| Nonserializable Outer Class (C#) |
CWE:913 |
| Normalize strings to uppercase (C#) |
- |
| Null Parameter Dereference (C#) |
CWE:476 |
| Null Pointer Dereference (C#) |
CWE:456, CWE:476 |
| Null Pointer Dereference (deep) (C#) |
CWE:476 |
| Open Redirect (C#) |
CWE:601 |
| Operator overloads have named alternates (C#) |
- |
| Operators should have symmetrical overloads (C#) |
- |
| Overload operator equals on overriding value type Equals (C#) |
- |
| Override Object.Equals(object) when implementing IEquatable<T> (C#) |
- |
| Override equals and operator equals on value types (C#) |
- |
| Override methods on comparable types (C#) |
- |
| P/Invokes should not be visible (C#) |
- |
| Parameter count mismatch (C#) |
- |
| Parameter names should match base declaration (C#) |
- |
| Pass system uri objects instead of strings (C#) |
- |
| Password in Property File (C#) |
CWE:522 |
| Possible XML External Entity Reference (C#) |
CWE:611 |
| Possible multiple enumerations of 'IEnumerable' collection (C#) |
- |
| Potential Infinite Recursion (C#) |
CWE:674 |
| Potential reference cycle in deserialized object graph (C#) |
- |
| Prefer 'AsSpan' over 'Substring' (C#) |
- |
| Prefer 'Clear' over 'Fill' (C#) |
- |
| Prefer Dictionary.Contains methods (C#) |
- |
| Prefer IsEmpty over Count (C#) |
- |
| Prefer jagged arrays over multidimensional (C#) |
- |
| Prefer static 'HashData' method over 'ComputeHash' (C#) |
- |
| Prefer strongly-typed Append and Insert method overloads on StringBuilder (C#) |
- |
| Prefer the 'IDictionary.TryAdd(TKey, TValue)' method (C#) |
- |
| Prefer the 'IDictionary.TryGetValue(TKey, out TValue)' method (C#) |
- |
| Prefer the 'Memory'-based overloads for 'ReadAsync' and 'WriteAsync' (C#) |
- |
| Prevent behavioral change (C#) |
- |
| Properties should not be write only (C#) |
- |
| Properties should not return arrays (C#) |
- |
| Property names should not match get methods (C#) |
- |
| Property, type, or attribute requires runtime marshalling (C#) |
- |
| Provide ObsoleteAttribute message (C#) |
- |
| Provide a parameterless constructor that is as visible as the containing type for concrete types derived from 'System.Runtime.InteropServices.SafeHandle' (C#) |
- |
| Provide correct 'enum' argument to 'Enum.HasFlag' (C#) |
- |
| Provide correct arguments to formatting methods (C#) |
- |
| Provide memory-based overrides of async methods when subclassing 'Stream' (C#) |
- |
| Providing a 'DynamicInterfaceCastableImplementation' interface in Visual Basic is unsupported (C#) |
- |
| Redundant Call for Integral Argument (C#) |
- |
| Redundant Call for String Argument (C#) |
CWE:1164 |
| Redundant Condition (C#) |
CWE:570, CWE:571 |
| Reflection Bypasses Member Accessibility (C#) |
CWE:915 |
| Reflection Injection (C#) |
CWE:470 |
| Reflection Modifies Member Accessibility (C#) |
CWE:915 |
| Remove empty Finalizers (C#) |
- |
| Rethrow to preserve stack details (C#) |
- |
| Return Value may Contain null Element (C#) |
CWE:476 |
| Return Value may be null (C#) |
CWE:476 |
| Return null Array (C#) |
CWE:476 |
| Review SQL queries for security vulnerabilities (C#) |
- |
| Review cipher mode usage with cryptography experts (C#) |
- |
| Review code for DLL injection vulnerabilities (C#) |
- |
| Review code for LDAP injection vulnerabilities (C#) |
- |
| Review code for SQL injection vulnerabilities (C#) |
- |
| Review code for XAML injection vulnerabilities (C#) |
- |
| Review code for XML injection vulnerabilities (C#) |
- |
| Review code for XPath injection vulnerabilities (C#) |
- |
| Review code for XSS vulnerabilities (C#) |
- |
| Review code for file path injection vulnerabilities (C#) |
- |
| Review code for information disclosure vulnerabilities (C#) |
- |
| Review code for open redirect vulnerabilities (C#) |
- |
| Review code for process command injection vulnerabilities (C#) |
- |
| Review code for regex injection vulnerabilities (C#) |
- |
| Risky Cipher Algorithm (C#) |
CWE:327 |
| Risky Cipher Field (C#) |
CWE:327 |
| Risky Class Cast (C#) |
CWE:704 |
| Risky Cryptographic Algorithm (C#) |
CWE:327 |
| Risky Cryptographic Field (C#) |
CWE:327 |
| Risky array store (C#) |
CWE:704 |
| SQL Injection (C#) |
CWE:89 |
| Seal internal types (C#) |
- |
| Seal methods that satisfy private interfaces (C#) |
- |
| Security Annotation Conflict (C#) |
CWE:749 |
| Set HttpOnly to true for HttpCookie (C#) |
- |
| Set ViewStateUserKey For Classes Derived From Page (C#) |
- |
| Shadowed Identifier (C#) |
CWE:1076 |
| Should Use == Instead of equals() (C#) |
CWE:480 |
| Should Use equals() Instead of == (C#) |
CWE:595 |
| Single-use Random Number Generator (C#) |
CWE:1176 |
| Specify CultureInfo (C#) |
- |
| Specify IFormatProvider (C#) |
- |
| Specify StringComparison for clarity (C#) |
- |
| Specify StringComparison for correctness (C#) |
- |
| Specify a culture or use an invariant version (C#) |
- |
| Specify marshaling for P/Invoke string arguments (C#) |
- |
| Static Field Assigned Non-Static (C#) |
CWE:1164 |
| Static Field Too Visible (C#) |
CWE:1061 |
| Static holder types should be Static or NotInheritable (C#) |
- |
| Synchronization on Interned String (C#) |
CWE:412 |
| Synchronization on static (C#) |
CWE:413 |
| Synchronous Call to Thread Body (C#) |
CWE:572 |
| Tainted @Trusted Value (C#) |
CWE:74 |
| Tainted Allocation Size (C#) |
CWE:789 |
| Tainted Bundle (C#) |
CWE:501 |
| Tainted Control (C#) |
CWE:74 |
| Tainted Expression Evaluation (C#) |
CWE:95 |
| Tainted HTTP Response (C#) |
CWE:113 |
| Tainted Hardware Device Property (C#) |
CWE:74 |
| Tainted LDAP Attribute (C#) |
CWE:90 |
| Tainted LDAP Filter (C#) |
CWE:90 |
| Tainted Log (C#) |
CWE:117 |
| Tainted Message (C#) |
CWE:319 |
| Tainted Network Address (C#) |
CWE:74 |
| Tainted Path (C#) |
CWE:22 |
| Tainted Regular Expression (C#) |
CWE:624 |
| Tainted Resource (C#) |
CWE:74 |
| Tainted Session (C#) |
CWE:501 |
| Tainted URL (C#) |
CWE:74, CWE:601 |
| Tainted XAML (C#) |
CWE:74 |
| Tainted XML (C#) |
CWE:74 |
| Tainted Xpath (C#) |
CWE:643 |
| Template should be a static expression (C#) |
- |
| Test for NaN correctly (C#) |
- |
| Test for empty strings using string length (C#) |
- |
| The 'ModuleInitializer' attribute should not be used in libraries (C#) |
- |
| This API requires opting into preview features (C#) |
- |
| This method uses runtime marshalling even when the 'DisableRuntimeMarshallingAttribute' is applied (C#) |
- |
| Type names should not match namespaces (C#) |
- |
| Types should not extend certain base types (C#) |
- |
| Types that own disposable fields should be disposable (C#) |
- |
| URI-like parameters should not be strings (C#) |
- |
| URI-like properties should not be strings (C#) |
- |
| URI-like return values should not be strings (C#) |
- |
| Unchecked Parameter Dereference (C#) |
CWE:476 |
| Unchecked Parameter Dereference (deep) (C#) |
CWE:476 |
| Unchecked Parameter Element Dereference (deep) (C#) |
CWE:476 |
| Unguarded Field (C#) |
CWE:567 |
| Unguarded Method (C#) |
CWE:820 |
| Unguarded Parameter (C#) |
CWE:567 |
| Unnecessary Field (C#) |
CWE:563, CWE:1126 |
| Unnecessary call to 'Contains(item)' (C#) |
- |
| Unnecessary call to 'Dictionary.ContainsKey(key)' (C#) |
- |
| Unreachable Instruction (C#) |
CWE:561 |
| Unsafe Base64 Encoding (C#) |
CWE:327 |
| Unsafe DataSet or DataTable in auto-generated serializable type can be vulnerable to remote code execution attacks (C#) |
- |
| Unsafe DataSet or DataTable in deserialized object graph can be vulnerable to remote code execution attacks (C#) |
- |
| Unsafe DataSet or DataTable in serializable type (C#) |
- |
| Unsafe DataSet or DataTable in serializable type can be vulnerable to remote code execution attacks (C#) |
- |
| Unsafe DataSet or DataTable type found in deserializable object graph (C#) |
- |
| Unsafe DataSet or DataTable type in web deserializable object graph (C#) |
- |
| Unsafe Session Expiration Time (C#) |
CWE:613 |
| Unused Class (C#) |
CWE:561 |
| Unused Field (C#) |
CWE:1164 |
| Unused Method (C#) |
CWE:561 |
| Unused Object (C#) |
CWE:1164 |
| Unused Value: Actual Parameter (C#) |
CWE:563 |
| Unused Value: Variable (C#) |
CWE:563 |
| Unused Value: Write to Parameter (C#) |
CWE:563 |
| Use 'CompositeFormat' (C#) |
- |
| Use 'Environment.CurrentManagedThreadId' (C#) |
- |
| Use 'Environment.ProcessId' (C#) |
- |
| Use 'Environment.ProcessPath' (C#) |
- |
| Use 'StartsWith' instead of 'IndexOf' (C#) |
- |
| Use 'ThrowIfCancellationRequested' (C#) |
- |
| Use 'string.Equals' (C#) |
- |
| Use ArgumentException throw helper (C#) |
- |
| Use ArgumentNullException throw helper (C#) |
- |
| Use ArgumentOutOfRangeException throw helper (C#) |
- |
| Use AsSpan or AsMemory instead of Range-based indexers (C#) |
- |
| Use AsSpan or AsMemory instead of Range-based indexers for getting Span of an array (C#) |
- |
| Use AsSpan or AsMemory instead of Range-based indexers when appropriate (C#) |
- |
| Use Container Level Access Policy (C#) |
- |
| Use CreateEncryptor with the default IV (C#) |
- |
| Use DefaultDllImportSearchPaths attribute for P/Invokes (C#) |
- |
| Use Integral Or String Argument For Indexers (C#) |
- |
| Use Length/Count property instead of Count() when available (C#) |
- |
| Use ObjectDisposedException throw helper (C#) |
- |
| Use PascalCase for named placeholders (C#) |
- |
| Use Rivest-Shamir-Adleman (RSA) Algorithm With Sufficient Key Size (C#) |
- |
| Use Secure Cookies In ASP.NET Core (C#) |
- |
| Use SharedAccessProtocol HttpsOnly (C#) |
- |
| Use ValueTasks correctly (C#) |
- |
| Use XmlReader for 'DataSet.ReadXml()' (C#) |
- |
| Use XmlReader for 'XmlSchema.Read()' (C#) |
- |
| Use XmlReader for 'XmlSerializer.Deserialize()' (C#) |
- |
| Use XmlReader for XPathDocument constructor (C#) |
- |
| Use XmlReader for XmlValidatingReader constructor (C#) |
- |
| Use a cached 'SearchValues' instance (C#) |
- |
| Use antiforgery tokens in ASP.NET Core MVC controllers (C#) |
- |
| Use char literal for a single character lookup (C#) |
- |
| Use char overload, CA1865 (C#) |
- |
| Use char overload, CA1866 (C#) |
- |
| Use char overload, CA1867 (C#) |
- |
| Use concrete types when possible for improved performance (C#) |
- |
| Use correct type parameter (C#) |
- |
| Use events where appropriate (C#) |
- |
| Use generic event handler instances (C#) |
- |
| Use literals where appropriate (C#) |
- |
| Use nameof to express symbol names (C#) |
- |
| Use of Same Seed (C#) |
CWE:336 |
| Use ordinal string comparison (C#) |
- |
| Use properties where appropriate (C#) |
- |
| Use span-based 'string.Concat' (C#) |
- |
| Use the 'StringComparison' method overloads to perform case-insensitive string comparisons (C#) |
- |
| Use the LoggerMessage delegates (C#) |
- |
| Use valid platform string (C#) |
- |
| Useless Assignment (C#) |
CWE:665 |
| Useless Assignment to Default (C#) |
CWE:665 |
| Useless Class Cast (C#) |
CWE:1164 |
| Useless Synchronization (C#) |
CWE:585 |
| Useless null Test (C#) |
CWE:1164 |
| Useless null Test of Field (C#) |
CWE:1164 |
| Useless null Test of Parameter (C#) |
CWE:1164 |
| Useless null Test of Return Value (C#) |
CWE:253 |
| Useless volatile Modifier (C#) |
CWE:567, CWE:662 |
| Validate arguments of public methods (C#) |
- |
| Validate platform compatibility (C#) |
- |
| Validate platform compatibility - obsoleted APIs (C#) |
- |
| Weak Cryptographic Value (C#) |
CWE:338 |
| Weak Hash Algorithm (C#) |
CWE:328 |
| Weak Hash Algorithm Field (C#) |
CWE:328 |
| Weak Initialization Vector Field (C#) |
CWE:1204 |
| Weak Initialization Vector Value (C#) |
CWE:1204 |
| clone Non-cloneable (C#) |
CWE:491 |
| clone Subclass of Non-clonable (C#) |
CWE:491 |
| clone not final (C#) |
CWE:491 |
| compareTo in Non-Comparable Class (C#) |
CWE:1076 |
| compareTo without equals (C#) |
CWE:697 |
| compareTo/equals mismatch (C#) |
CWE:697 |
| equals Always Fails (C#) |
CWE:570 |
| equals Parameter Should Be Object (C#) |
CWE:1076 |
| equals on Array (C#) |
CWE:595 |
| null Passed to Method (deep) (C#) |
CWE:476 |
| toString on Array (C#) |
CWE:440 |
| Class Name |
CWE IDs |
|---|
| Absent or Wrong File License (detekt) |
CWE:1078 |
| Also Could Be Apply (detekt) |
CWE:1078 |
| Array Primitive (detekt) |
CWE:1235 |
| Avoid Referential Equality (detekt) |
CWE:595 |
| Boolean Property Naming (detekt) |
CWE:1099 |
| Braces on If Statements (detekt) |
CWE:1078 |
| Braces on When Statements (detekt) |
CWE:1078 |
| Can Be Non Nullable (detekt) |
CWE:1076 |
| Cascading Call Wrapping (detekt) |
CWE:1078 |
| Cast Nullable to Non Nullable Type (detekt) |
CWE:704 |
| Cast to Nullable Type (detekt) |
CWE:704 |
| Class Naming (detekt) |
CWE:1099 |
| Class Ordering (detekt) |
CWE:1078 |
| Cognitive Complex Method (detekt) |
CWE:1120 |
| Collapsible If Statements (detekt) |
CWE:1078, CWE:1124 |
| Comment Over Private Function (detekt) |
CWE:1113 |
| Comment Over Private Property (detekt) |
CWE:1113 |
| Complex Condition (detekt) |
CWE:1120 |
| Complex Interface (detekt) |
CWE:1120 |
| Constructor Parameter Naming (detekt) |
CWE:1099 |
| Copy-Paste Error |
CWE:1041 |
| Could Be Sequence (detekt) |
CWE:1176 |
| Cyclomatic Complex Method (detekt) |
CWE:1121 |
| Data Class Contains Functions (detekt) |
CWE:1076 |
| Data Class Should Be Immutable (detekt) |
CWE:1076 |
| Deprecated Block Tag (detekt) |
CWE:1113 |
| Deprecation (detekt) |
CWE:477, CWE:1076 |
| Destructuring Declaration With Too Many Entries (detekt) |
CWE:1076, CWE:1120 |
| Dont Downcast Collection Types (detekt) |
CWE:704, CWE:758 |
| Double Mutability for Collection (detekt) |
CWE:1076 |
| Double Negative Lambda (detekt) |
CWE:1099 |
| Else Case Instead of Exhaustive When (detekt) |
CWE:1076 |
| Empty Catch Block (detekt) |
CWE:390, CWE:1069 |
| Empty Class Block (detekt) |
CWE:1071 |
| Empty Default Constructor (detekt) |
CWE:909, CWE:1071 |
| Empty Do While Block (detekt) |
CWE:1071 |
| Empty Else Block (detekt) |
CWE:1071 |
| Empty Finally Block (detekt) |
CWE:1071 |
| Empty Function Block (detekt) |
CWE:1071 |
| Empty If Block (detekt) |
CWE:1071 |
| Empty Init Block (detekt) |
CWE:909, CWE:1071 |
| Empty Kt File (detekt) |
CWE:1071 |
| Empty Secondary Constructor (detekt) |
CWE:909, CWE:1071 |
| Empty Try Block (detekt) |
CWE:1071 |
| Empty When Block (detekt) |
CWE:1071 |
| Empty While Block (detekt) |
CWE:1071 |
| Empty for Block (detekt) |
CWE:1071 |
| End of Sentence Format (detekt) |
CWE:1113 |
| Enum Naming (detekt) |
CWE:1099 |
| Equals Always Returns True or False (detekt) |
CWE:570, CWE:571 |
| Equals Null Call (detekt) |
CWE:1025 |
| Equals With Hash Code Exist (detekt) |
CWE:581 |
| Equals on Signature Line (detekt) |
CWE:1114 |
| Exception Raised in Unexpected Location (detekt) |
CWE:705, CWE:755 |
| Exit Outside Main (detekt) |
CWE:1076 |
| Explicit Collection Element Access Method (detekt) |
CWE:1078 |
| Explicit Garbage Collection Call (detekt) |
CWE:404, CWE:1076 |
| Explicit It Lambda Parameter (detekt) |
CWE:1078 |
| Expression Body Syntax (detekt) |
CWE:1078 |
| For Each on Range (detekt) |
CWE:1176 |
| Forbidden Annotation (detekt) |
CWE:1078 |
| Forbidden Class Name (detekt) |
CWE:1099 |
| Forbidden Comment (detekt) |
CWE:546 |
| Forbidden Import (detekt) |
CWE:1177 |
| Forbidden Method Call (detekt) |
CWE:1177 |
| Forbidden Suppress (detekt) |
CWE:1076, CWE:1127 |
| Forbidden Void (detekt) |
CWE:1076 |
| Function Max Length (detekt) |
CWE:1099 |
| Function Min Length (detekt) |
CWE:1099 |
| Function Naming (detekt) |
CWE:1099 |
| Function Only Returning Constant (detekt) |
CWE:1076 |
| Function Parameter Naming (detekt) |
CWE:1099 |
| Global Coroutine Usage (detekt) |
CWE:664, CWE:1076 |
| Has Platform Type (detekt) |
CWE:1076 |
| Ignored Return Value (detekt) |
CWE:252, CWE:391, CWE:394 |
| Implicit Default Locale (detekt) |
CWE:172 |
| Implicit Unit Return Type (detekt) |
CWE:1076 |
| Inject Dispatcher (detekt) |
CWE:1076 |
| Instance of Check for Exception (detekt) |
CWE:754, CWE:1076 |
| Invalid Package Declaration (detekt) |
CWE:1099 |
| Invalid Range (detekt) |
CWE:561, CWE:1076 |
| Iterator Has Next Calls Next Method (detekt) |
CWE:1076 |
| Iterator Not Throwing No Such Element Exception (detekt) |
CWE:573, CWE:835 |
| KDoc References Non Public Property (detekt) |
CWE:615 |
| Labeled Expression (detekt) |
CWE:1076, CWE:1120 |
| Lambda Parameter Naming (detekt) |
CWE:1099 |
| Large Class (detekt) |
CWE:1120 |
| Lateinit Usage (detekt) |
CWE:457, CWE:1076 |
| Long Method (detekt) |
CWE:1120 |
| Long Parameter List (detekt) |
CWE:1064 |
| Loop With Too Many Jump Statements (detekt) |
CWE:1120 |
| Magic Number (detekt) |
CWE:1078 |
| Mandatory Braces Loops (detekt) |
CWE:1078 |
| Map Get With Not Null Assertion Operator (detekt) |
CWE:230 |
| Matching Declaration Name (detekt) |
CWE:1099 |
| Max Chained Calls on Same Line (detekt) |
CWE:1114 |
| Max Line Length (detekt) |
CWE:1078 |
| May Be Const (detekt) |
CWE:1076 |
| Member Name Equals Class Name (detekt) |
CWE:1099 |
| Method Overloading (detekt) |
CWE:1120 |
| Missing Package Declaration (detekt) |
CWE:1076 |
| Modifier Order (detekt) |
CWE:1078 |
| Multiline Lambda It Parameter (detekt) |
CWE:1078 |
| Multiline Raw String Indentation (detekt) |
CWE:1114 |
| Named Arguments (detekt) |
CWE:1120 |
| Nested Block Depth (detekt) |
CWE:1124 |
| Nested Classes Visibility (detekt) |
CWE:1076, CWE:1164 |
| Nested Scope Functions (detekt) |
CWE:1120 |
| New Line at End of File (detekt) |
CWE:1114 |
| No Name Shadowing (detekt) |
CWE:694, CWE:1076 |
| No Tabs (detekt) |
CWE:1114 |
| Non Boolean Property Prefixed With Is (detekt) |
CWE:1099 |
| Not Implemented Declaration (detekt) |
CWE:489 |
| Null Check on Mutable Property (detekt) |
CWE:476 |
| Nullable Boolean Check (detekt) |
CWE:1078 |
| Nullable to String Call (detekt) |
CWE:686 |
| Object Extends Throwable (detekt) |
CWE:664 |
| Object Literal to Lambda (detekt) |
CWE:1078 |
| Object Property Naming (detekt) |
CWE:1099 |
| Optional Abstract Keyword (detekt) |
CWE:1078, CWE:1164 |
| Optional Unit (detekt) |
CWE:1078 |
| Outdated Documentation (detekt) |
CWE:1116 |
| Package Naming (detekt) |
CWE:1099 |
| Prefer to Over Pair Syntax (detekt) |
CWE:1078 |
| Print Stack Trace (detekt) |
CWE:779 |
| Property Used Before Declaration (detekt) |
CWE:1076 |
| Protected Member in Final Class (detekt) |
CWE:1076 |
| Redundant Explicit Type (detekt) |
CWE:1078, CWE:1164 |
| Redundant Higher Order Map Usage (detekt) |
CWE:1076, CWE:1164 |
| Redundant Suspend Modifier (detekt) |
CWE:1164 |
| Redundant Visibility Modifier Rule (detekt) |
CWE:1078, CWE:1164 |
| Replace Safe Call Chain With Run (detekt) |
CWE:1120 |
| Rethrow Caught Exception (detekt) |
CWE:1076, CWE:1164 |
| Return Count (detekt) |
CWE:1076, CWE:1120 |
| Return From Finally (detekt) |
CWE:584 |
| Safe Cast (detekt) |
CWE:1078 |
| Serial Version UIDIn Serializable Class (detekt) |
CWE:913, CWE:1076 |
| Sleep Instead of Delay (detekt) |
CWE:662 |
| Spacing Between Package and Imports (detekt) |
CWE:1114 |
| Spread Operator (detekt) |
CWE:1176 |
| String Literal Duplication (detekt) |
CWE:1106 |
| String Should Be Raw String (detekt) |
CWE:1078 |
| Suspend Fun Swallowed Cancellation (detekt) |
CWE:390 |
| Suspend Fun With Coroutine Scope Receiver (detekt) |
CWE:662 |
| Suspend Fun With Flow Return Type (detekt) |
CWE:662 |
| Swallowed Exception (detekt) |
CWE:390 |
| Throwing Exception From Finally (detekt) |
CWE:705, CWE:755 |
| Throwing Exception in Main (detekt) |
CWE:705, CWE:755 |
| Throwing Exceptions Without Message or Cause (detekt) |
CWE:1076 |
| Throwing New Instance of Same Exception (detekt) |
CWE:755 |
| Throws Count (detekt) |
CWE:703, CWE:1120 |
| Too Generic Exception Caught (detekt) |
CWE:396 |
| Too Generic Exception Thrown (detekt) |
CWE:755 |
| Too Many Functions (detekt) |
CWE:1120 |
| Top Level Property Naming (detekt) |
CWE:1099 |
| Trailing Whitespace (detekt) |
CWE:1114 |
| Trim Multiline Raw String (detekt) |
CWE:1078 |
| Unconditional Jump Statement in Loop (detekt) |
CWE:1119, CWE:1164 |
| Underscores in Numeric Literals (detekt) |
CWE:1078 |
| Undocumented Public Class (detekt) |
CWE:1059 |
| Undocumented Public Function (detekt) |
CWE:1059 |
| Undocumented Public Property (detekt) |
CWE:1059 |
| Unnecessary Abstract Class (detekt) |
CWE:1076 |
| Unnecessary Annotation Use Site Target (detekt) |
CWE:1164 |
| Unnecessary Apply (detekt) |
CWE:1078 |
| Unnecessary Backticks (detekt) |
CWE:1078 |
| Unnecessary Braces Around Trailing Lambda (detekt) |
CWE:1078 |
| Unnecessary Filter (detekt) |
CWE:1164 |
| Unnecessary Inheritance (detekt) |
CWE:1164 |
| Unnecessary Inner Class (detekt) |
CWE:1078 |
| Unnecessary Let (detekt) |
CWE:1078 |
| Unnecessary Not Null Check (detekt) |
CWE:570, CWE:571, CWE:1164 |
| Unnecessary Not Null Operator (detekt) |
CWE:570, CWE:571, CWE:1164 |
| Unnecessary Parentheses (detekt) |
CWE:1078 |
| Unnecessary Part of Binary Expression (detekt) |
CWE:1164, CWE:1176 |
| Unnecessary Safe Call (detekt) |
CWE:570, CWE:571, CWE:1164 |
| Unnecessary Temporary Instantiation (detekt) |
CWE:1176 |
| Unreachable Catch Block (detekt) |
CWE:561 |
| Unreachable Code (detekt) |
CWE:561 |
| Unsafe Call on Nullable Type (detekt) |
CWE:476 |
| Unsafe Cast (detekt) |
CWE:704 |
| Until Instead of Range to (detekt) |
CWE:1076 |
| Unused Imports (detekt) |
CWE:1164 |
| Unused Parameter (detekt) |
CWE:1164 |
| Unused Private Class (detekt) |
CWE:1164 |
| Unused Private Member (detekt) |
CWE:1164 |
| Unused Private Property (detekt) |
CWE:1164 |
| Unused Unary Operator (detekt) |
CWE:1164 |
| Use Any or None Instead of Find (detekt) |
CWE:1076 |
| Use Array Literals in Annotations (detekt) |
CWE:1078 |
| Use Check Not Null (detekt) |
CWE:1078 |
| Use Check or Error (detekt) |
CWE:1078 |
| Use Data Class (detekt) |
CWE:1076 |
| Use Empty Counterpart (detekt) |
CWE:1076 |
| Use If Empty or If Blank (detekt) |
CWE:1076 |
| Use If Instead of When (detekt) |
CWE:1078 |
| Use Is Null or Empty (detekt) |
CWE:1076 |
| Use Let (detekt) |
CWE:1076 |
| Use Require (detekt) |
CWE:1078 |
| Use Require Not Null (detekt) |
CWE:1078 |
| Use Sum of Instead of Flat Map Size (detekt) |
CWE:1076 |
| Use or Empty (detekt) |
CWE:1078 |
| Useless Call on Not Null (detekt) |
CWE:1164 |
| Useless Postfix Expression (detekt) |
CWE:480, CWE:1164 |
| Utility Class With Public Constructor (detekt) |
CWE:1076 |
| Var Could Be Val (detekt) |
CWE:1076 |
| Variable Max Length (detekt) |
CWE:1099 |
| Variable Min Length (detekt) |
CWE:1099 |
| Variable Naming (detekt) |
CWE:1099 |
| Wildcard Import (detekt) |
CWE:1076 |
| Wrong Equals Type Parameter (detekt) |
CWE:1076 |
| Class Name |
CWE IDs |
|---|
| Abstract Class Instantiated (Pylint) |
- |
| Abstract Method (Pylint) |
- |
| Access Member Before Definition (Pylint) |
CWE:908 |
| Anomalous Backslash in String (Pylint) |
- |
| Anomalous Unicode Escape in String (Pylint) |
- |
| Arguments Differ (Pylint) |
- |
| Arguments Out of Order (Pylint) |
CWE:683 |
| Arguments Renamed (Pylint) |
- |
| Assert on String Literal (Pylint) |
CWE:570, CWE:571, CWE:1164 |
| Assert on Tuple (Pylint) |
CWE:570, CWE:571, CWE:1164 |
| Assigning Non Slot (Pylint) |
CWE:1076 |
| Assignment From No Return (Pylint) |
CWE:1164 |
| Assignment From None (Pylint) |
CWE:1164 |
| Astroid Error (Pylint) |
- |
| Attribute Defined Outside Init (Pylint) |
CWE:1076 |
| Await Outside Async (Pylint) |
CWE:1076 |
| Bad Chained Comparison (Pylint) |
CWE:480, CWE:570, CWE:571, CWE:697 |
| Bad Classmethod Argument (Pylint) |
CWE:1099 |
| Bad Configuration Section (Pylint) |
- |
| Bad Except Order (Pylint) |
CWE:755 |
| Bad Exception Cause (Pylint) |
CWE:755 |
| Bad File Encoding (Pylint) |
CWE:1078 |
| Bad Format Character (Pylint) |
CWE:687 |
| Bad Format String (Pylint) |
CWE:687 |
| Bad Format String Key (Pylint) |
CWE:687 |
| Bad Indentation (Pylint) |
CWE:1078 |
| Bad Inline Option (Pylint) |
- |
| Bad Mcs Classmethod Argument (Pylint) |
CWE:1099 |
| Bad Mcs Method Argument (Pylint) |
CWE:1099 |
| Bad Open Mode (Pylint) |
CWE:628, CWE:732 |
| Bad Plugin Value (Pylint) |
- |
| Bad Reversed Sequence (Pylint) |
CWE:686 |
| Bad Staticmethod Argument (Pylint) |
CWE:1099 |
| Bad Str Strip Call (Pylint) |
CWE:687 |
| Bad String Format Type (Pylint) |
CWE:686 |
| Bad Super Call (Pylint) |
CWE:687 |
| Bad Thread Instantiation (Pylint) |
CWE:628 |
| Bare Except (Pylint) |
CWE:396, CWE:1076 |
| Bidirectional Unicode (Pylint) |
CWE:1078 |
| Binary Op Exception (Pylint) |
CWE:754 |
| Boolean Datetime (Pylint) |
- |
| Broad Exception Caught (Pylint) |
CWE:396 |
| Broad Exception Raised (Pylint) |
CWE:755 |
| C Extension No Member (Pylint) |
- |
| Catching Non Exception (Pylint) |
CWE:754 |
| Cell Var From Loop (Pylint) |
- |
| Chained Comparison (Pylint) |
CWE:1078 |
| Class Variable Slots Conflict (Pylint) |
CWE:694 |
| Comparison With Callable (Pylint) |
CWE:570, CWE:571, CWE:1025 |
| Comparison With Itself (Pylint) |
CWE:570, CWE:571, CWE:1164 |
| Comparison of Constants (Pylint) |
CWE:570, CWE:571 |
| Condition Evals to Constant (Pylint) |
CWE:570, CWE:571, CWE:1164 |
| Config Parse Error (Pylint) |
- |
| Confusing With Statement (Pylint) |
CWE:229 |
| Consider Iterating Dictionary (Pylint) |
CWE:1076 |
| Consider Merging Isinstance (Pylint) |
CWE:1076 |
| Consider Swap Variables (Pylint) |
CWE:1076 |
| Consider Using Dict Comprehension (Pylint) |
CWE:1076 |
| Consider Using Dict Items (Pylint) |
CWE:1076 |
| Consider Using Enumerate (Pylint) |
CWE:1076 |
| Consider Using F String (Pylint) |
CWE:1076 |
| Consider Using From Import (Pylint) |
CWE:1076 |
| Consider Using Generator (Pylint) |
CWE:1076 |
| Consider Using Get (Pylint) |
CWE:1076 |
| Consider Using Join (Pylint) |
CWE:1076 |
| Consider Using Max Builtin (Pylint) |
CWE:1076 |
| Consider Using Min Builtin (Pylint) |
CWE:1076 |
| Consider Using Set Comprehension (Pylint) |
CWE:1076 |
| Consider Using Sys Exit (Pylint) |
CWE:589, CWE:1076 |
| Consider Using Ternary (Pylint) |
CWE:1076 |
| Consider Using With (Pylint) |
CWE:664 |
| Consider Using in (Pylint) |
CWE:1076 |
| Continue in Finally (Pylint) |
CWE:755 |
| Copy-Paste Error |
CWE:1041 |
| Cyclic Import (Pylint) |
CWE:1047 |
| Dangerous Default Value (Pylint) |
- |
| Deprecated Argument (Pylint) |
CWE:1076 |
| Deprecated Class (Pylint) |
CWE:1076 |
| Deprecated Decorator (Pylint) |
CWE:1076 |
| Deprecated Method (Pylint) |
CWE:477, CWE:1076 |
| Deprecated Module (Pylint) |
CWE:1076 |
| Deprecated Pragma (Pylint) |
CWE:1076 |
| Dict Iter Missing Items (Pylint) |
CWE:229 |
| Disallowed Name (Pylint) |
CWE:1099 |
| Duplicate Argument Name (Pylint) |
CWE:694 |
| Duplicate Bases (Pylint) |
- |
| Duplicate Code (Pylint) |
CWE:1041 |
| Duplicate Except (Pylint) |
CWE:754, CWE:1164 |
| Duplicate Key (Pylint) |
CWE:462 |
| Duplicate String Formatting Argument (Pylint) |
CWE:1076 |
| Duplicate Value (Pylint) |
- |
| Empty Docstring (Pylint) |
CWE:1059 |
| Eval Used (Pylint) |
CWE:94, CWE:676 |
| Exec Used (Pylint) |
CWE:94, CWE:676 |
| Expression Not Assigned (Pylint) |
CWE:1164 |
| F String Without Interpolation (Pylint) |
CWE:1164 |
| Fatal (Pylint) |
- |
| File Ignored (Pylint) |
- |
| Fixme (Pylint) |
CWE:546 |
| Forgotten Debug Statement (Pylint) |
CWE:489 |
| Format Combined Specification (Pylint) |
CWE:1076 |
| Format Needs Mapping (Pylint) |
CWE:628 |
| Format String Without Interpolation (Pylint) |
CWE:1164 |
| Function Redefined (Pylint) |
CWE:694 |
| Global Statement (Pylint) |
CWE:1108 |
| Global Variable Not Assigned (Pylint) |
CWE:1164 |
| Global Variable Undefined (Pylint) |
CWE:1076 |
| Global at Module Level (Pylint) |
CWE:1164 |
| Implicit Flag Alias (Pylint) |
CWE:1076 |
| Implicit Str Concat (Pylint) |
- |
| Import Error (Pylint) |
- |
| Import Outside Toplevel (Pylint) |
CWE:1076 |
| Import Self (Pylint) |
CWE:1047 |
| Inconsistent Mro (Pylint) |
CWE:573 |
| Inconsistent Quotes (Pylint) |
CWE:1078 |
| Inconsistent Return Statements (Pylint) |
- |
| Inherit Non Class (Pylint) |
CWE:573 |
| Init Is Generator (Pylint) |
CWE:573 |
| Invalid All Format (Pylint) |
CWE:573 |
| Invalid All Object (Pylint) |
CWE:573 |
| Invalid Bool Returned (Pylint) |
CWE:573 |
| Invalid Bytes Returned (Pylint) |
CWE:573 |
| Invalid Character Backspace (Pylint) |
CWE:1078 |
| Invalid Character Carriage Return (Pylint) |
CWE:1078 |
| Invalid Character Esc (Pylint) |
CWE:1078 |
| Invalid Character Nul (Pylint) |
CWE:1078 |
| Invalid Character Sub (Pylint) |
CWE:1078 |
| Invalid Character Zero Width Space (Pylint) |
CWE:1078 |
| Invalid Characters in Docstring (Pylint) |
- |
| Invalid Class Object (Pylint) |
- |
| Invalid Enum Extension (Pylint) |
CWE:573 |
| Invalid Envvar Default (Pylint) |
CWE:453 |
| Invalid Envvar Value (Pylint) |
CWE:686 |
| Invalid Field Call (Pylint) |
CWE:573 |
| Invalid Format Index (Pylint) |
CWE:118 |
| Invalid Format Returned (Pylint) |
CWE:573 |
| Invalid Getnewargs Ex Returned (Pylint) |
CWE:573 |
| Invalid Getnewargs Returned (Pylint) |
CWE:573 |
| Invalid Hash Returned (Pylint) |
CWE:573 |
| Invalid Index Returned (Pylint) |
CWE:573 |
| Invalid Length Hint Returned (Pylint) |
CWE:573 |
| Invalid Length Returned (Pylint) |
CWE:573 |
| Invalid Metaclass (Pylint) |
CWE:573 |
| Invalid Name (Pylint) |
CWE:1099 |
| Invalid Overridden Method (Pylint) |
CWE:1076 |
| Invalid Repr Returned (Pylint) |
CWE:573 |
| Invalid Sequence Index (Pylint) |
CWE:118, CWE:573 |
| Invalid Slice Index (Pylint) |
CWE:118, CWE:573 |
| Invalid Slice Step (Pylint) |
CWE:573 |
| Invalid Slots (Pylint) |
CWE:573 |
| Invalid Slots Object (Pylint) |
CWE:573 |
| Invalid Star Assignment Target (Pylint) |
CWE:573 |
| Invalid Str Returned (Pylint) |
CWE:573 |
| Invalid Unary Operand Type (Pylint) |
CWE:480, CWE:573, CWE:686 |
| Invalid Unicode Codec (Pylint) |
CWE:1078 |
| Isinstance Second Argument Not Valid Type (Pylint) |
CWE:686 |
| Keyword Arg Before Vararg (Pylint) |
CWE:628 |
| Kwarg Superseded By Positional Arg (Pylint) |
CWE:628 |
| Line Too Long (Pylint) |
CWE:1078 |
| Literal Comparison (Pylint) |
CWE:570, CWE:571, CWE:597 |
| Locally Disabled (Pylint) |
- |
| Logging Format Interpolation (Pylint) |
CWE:1076 |
| Logging Format Truncated (Pylint) |
CWE:628 |
| Logging Fstring Interpolation (Pylint) |
CWE:1076 |
| Logging Not Lazy (Pylint) |
CWE:1076 |
| Logging Too Few Args (Pylint) |
CWE:685 |
| Logging Too Many Args (Pylint) |
CWE:685 |
| Logging Unsupported Format (Pylint) |
CWE:687 |
| Lost Exception (Pylint) |
CWE:584, CWE:755 |
| Method Cache Max Size None (Pylint) |
CWE:770 |
| Method Check Failed (Pylint) |
- |
| Method Hidden (Pylint) |
CWE:694 |
| Misplaced Bare Raise (Pylint) |
CWE:573 |
| Misplaced Format Function (Pylint) |
CWE:686 |
| Misplaced Future (Pylint) |
CWE:573 |
| Missing Class Docstring (Pylint) |
CWE:1059 |
| Missing Final Newline (Pylint) |
CWE:1114 |
| Missing Format Argument Key (Pylint) |
CWE:628 |
| Missing Format Attribute (Pylint) |
CWE:686 |
| Missing Format String Key (Pylint) |
CWE:628 |
| Missing Function Docstring (Pylint) |
CWE:1059 |
| Missing Kwoa (Pylint) |
CWE:628 |
| Missing Module Docstring (Pylint) |
CWE:1059 |
| Missing Parentheses for Call in Test (Pylint) |
CWE:570, CWE:571 |
| Missing Timeout (Pylint) |
CWE:1088 |
| Mixed Format String (Pylint) |
CWE:1076 |
| Mixed Line Endings (Pylint) |
CWE:1114 |
| Modified Iterating Dict (Pylint) |
CWE:664, CWE:1095 |
| Modified Iterating List (Pylint) |
CWE:664, CWE:1095 |
| Modified Iterating Set (Pylint) |
CWE:664, CWE:1095 |
| Multiple Imports (Pylint) |
CWE:1078 |
| Multiple Statements (Pylint) |
CWE:1078 |
| Named Expr Without Context (Pylint) |
CWE:1078 |
| Nan Comparison (Pylint) |
CWE:1077 |
| Nested Min Max (Pylint) |
CWE:1078 |
| No Classmethod Decorator (Pylint) |
CWE:1078 |
| No Else Break (Pylint) |
CWE:1078 |
| No Else Continue (Pylint) |
CWE:1078 |
| No Else Raise (Pylint) |
CWE:1078 |
| No Else Return (Pylint) |
CWE:1078 |
| No Member (Pylint) |
CWE:573 |
| No Method Argument (Pylint) |
CWE:573 |
| No Name in Module (Pylint) |
CWE:573 |
| No Self Argument (Pylint) |
CWE:1076 |
| No Staticmethod Decorator (Pylint) |
CWE:1078 |
| No Value for Parameter (Pylint) |
CWE:685 |
| Non Ascii File Name (Pylint) |
CWE:1076 |
| Non Ascii Module Import (Pylint) |
CWE:1078 |
| Non Ascii Name (Pylint) |
CWE:1078 |
| Non Iterator Returned (Pylint) |
CWE:573 |
| Non Parent Init Called (Pylint) |
CWE:1076 |
| Non Str Assignment to Dunder Name (Pylint) |
CWE:573 |
| Nonexistent Operator (Pylint) |
CWE:573 |
| Nonlocal Without Binding (Pylint) |
CWE:573 |
| Nonlocal and Global (Pylint) |
CWE:573 |
| Not Async Context Manager (Pylint) |
CWE:573 |
| Not Callable (Pylint) |
CWE:573 |
| Not Context Manager (Pylint) |
CWE:573 |
| Not a Mapping (Pylint) |
CWE:686 |
| Not an Iterable (Pylint) |
CWE:686 |
| Not in Loop (Pylint) |
CWE:573 |
| Notimplemented Raised (Pylint) |
CWE:755 |
| Overridden Final Method (Pylint) |
CWE:1076 |
| Parse Error (Pylint) |
- |
| Pointless Exception Statement (Pylint) |
CWE:1164 |
| Pointless Statement (Pylint) |
CWE:1164 |
| Pointless String Statement (Pylint) |
CWE:1164 |
| Positional Only Arguments Expected (Pylint) |
CWE:628 |
| Possibly Unused Variable (Pylint) |
CWE:563 |
| Potential Index Error (Pylint) |
CWE:125, CWE:787 |
| Preferred Module (Pylint) |
CWE:1076 |
| Property With Parameters (Pylint) |
CWE:573 |
| Protected Access (Pylint) |
CWE:573 |
| Raise Missing From (Pylint) |
- |
| Raising Bad Type (Pylint) |
CWE:755 |
| Raising Format Tuple (Pylint) |
CWE:628, CWE:755 |
| Raising Non Exception (Pylint) |
CWE:755 |
| Raw Checker Failed (Pylint) |
- |
| Redeclared Assigned Name (Pylint) |
CWE:563 |
| Redefined Argument From Local (Pylint) |
CWE:1076 |
| Redefined Builtin (Pylint) |
CWE:1076 |
| Redefined Outer Name (Pylint) |
CWE:1076 |
| Redefined Slots in Subclass (Pylint) |
CWE:1076 |
| Redundant Keyword Arg (Pylint) |
CWE:628 |
| Redundant U String Prefix (Pylint) |
CWE:1078 |
| Redundant Unittest Assert (Pylint) |
CWE:570, CWE:571 |
| Reimported (Pylint) |
CWE:1164 |
| Relative Beyond Top Level (Pylint) |
CWE:1076 |
| Repeated Keyword (Pylint) |
CWE:628 |
| Return Arg in Generator (Pylint) |
CWE:573 |
| Return Outside Function (Pylint) |
CWE:573 |
| Return in Finally (Pylint) |
CWE:584 |
| Return in Init (Pylint) |
CWE:573 |
| Self Assigning Variable (Pylint) |
CWE:1164 |
| Self Cls Assignment (Pylint) |
CWE:1076 |
| Shadowed Import (Pylint) |
CWE:694, CWE:1164 |
| Shallow Copy Environ (Pylint) |
CWE:480 |
| Signature Differs (Pylint) |
CWE:1076 |
| Simplifiable Condition (Pylint) |
CWE:1164 |
| Simplifiable If Expression (Pylint) |
CWE:1164 |
| Simplifiable If Statement (Pylint) |
CWE:1164 |
| Simplify Boolean Expression (Pylint) |
CWE:1164 |
| Single String Used for Slots (Pylint) |
CWE:573 |
| Singledispatch Method (Pylint) |
CWE:573 |
| Singledispatchmethod Function (Pylint) |
CWE:573 |
| Singleton Comparison (Pylint) |
CWE:1164 |
| Star Needs Assignment Target (Pylint) |
CWE:573 |
| Stop Iteration Return (Pylint) |
CWE:573 |
| Subclassed Final Class (Pylint) |
CWE:1076 |
| Subprocess Popen Preexec Fn (Pylint) |
CWE:833 |
| Subprocess Run Check (Pylint) |
CWE:1076 |
| Super Init Not Called (Pylint) |
CWE:1076 |
| Super With Arguments (Pylint) |
CWE:1076 |
| Super Without Brackets (Pylint) |
CWE:573, CWE:628 |
| Superfluous Parens (Pylint) |
CWE:1078 |
| Suppressed Message (Pylint) |
- |
| Syntax Error (Pylint) |
CWE:573 |
| Too Few Format Args (Pylint) |
CWE:685 |
| Too Few Public Methods (Pylint) |
CWE:1078 |
| Too Many Ancestors (Pylint) |
CWE:1055, CWE:1078, CWE:1120 |
| Too Many Arguments (Pylint) |
CWE:1064, CWE:1078, CWE:1120 |
| Too Many Boolean Expressions (Pylint) |
CWE:1078, CWE:1120 |
| Too Many Branches (Pylint) |
CWE:1078, CWE:1120 |
| Too Many Format Args (Pylint) |
CWE:685 |
| Too Many Function Args (Pylint) |
CWE:685 |
| Too Many Instance Attributes (Pylint) |
CWE:1078, CWE:1120 |
| Too Many Lines (Pylint) |
CWE:1080 |
| Too Many Locals (Pylint) |
CWE:1078, CWE:1120 |
| Too Many Nested Blocks (Pylint) |
CWE:1078, CWE:1124 |
| Too Many Public Methods (Pylint) |
CWE:1078, CWE:1120 |
| Too Many Return Statements (Pylint) |
CWE:1078, CWE:1120 |
| Too Many Star Expressions (Pylint) |
CWE:573 |
| Too Many Statements (Pylint) |
CWE:1078, CWE:1120 |
| Trailing Comma Tuple (Pylint) |
CWE:1078 |
| Trailing Newlines (Pylint) |
CWE:1114 |
| Trailing Whitespace (Pylint) |
CWE:1114 |
| Truncated Format String (Pylint) |
CWE:687 |
| Try Except Raise (Pylint) |
CWE:755, CWE:1164 |
| Typevar Double Variance (Pylint) |
CWE:1076 |
| Typevar Name Incorrect Variance (Pylint) |
CWE:1099 |
| Typevar Name Mismatch (Pylint) |
CWE:1099 |
| Unbalanced Dict Unpacking (Pylint) |
CWE:573 |
| Unbalanced Tuple Unpacking (Pylint) |
CWE:573 |
| Undefined All Variable (Pylint) |
CWE:573 |
| Undefined Loop Variable (Pylint) |
CWE:573 |
| Undefined Variable (Pylint) |
CWE:573 |
| Unexpected Keyword Arg (Pylint) |
CWE:628 |
| Unexpected Line Ending Format (Pylint) |
CWE:1114 |
| Unexpected Special Method Signature (Pylint) |
CWE:573 |
| Ungrouped Imports (Pylint) |
CWE:1078 |
| Unhashable Member (Pylint) |
CWE:573 |
| Unidiomatic Typecheck (Pylint) |
CWE:1076 |
| Unknown Option Value (Pylint) |
- |
| Unnecessary Comprehension (Pylint) |
CWE:1078, CWE:1120 |
| Unnecessary Dict Index Lookup (Pylint) |
CWE:1078, CWE:1120 |
| Unnecessary Direct Lambda Call (Pylint) |
CWE:1078, CWE:1120 |
| Unnecessary Dunder Call (Pylint) |
CWE:1078 |
| Unnecessary Ellipsis (Pylint) |
CWE:1078, CWE:1164 |
| Unnecessary Lambda (Pylint) |
CWE:1164 |
| Unnecessary Lambda Assignment (Pylint) |
CWE:1078 |
| Unnecessary List Index Lookup (Pylint) |
CWE:1078, CWE:1120 |
| Unnecessary Negation (Pylint) |
CWE:1078 |
| Unnecessary Pass (Pylint) |
CWE:1078, CWE:1164 |
| Unnecessary Semicolon (Pylint) |
CWE:1078 |
| Unpacking Non Sequence (Pylint) |
CWE:573 |
| Unreachable (Pylint) |
CWE:561 |
| Unrecognized Inline Option (Pylint) |
- |
| Unrecognized Option (Pylint) |
- |
| Unspecified Encoding (Pylint) |
CWE:758 |
| Unsubscriptable Object (Pylint) |
CWE:480, CWE:573 |
| Unsupported Assignment Operation (Pylint) |
CWE:480, CWE:573 |
| Unsupported Binary Operation (Pylint) |
CWE:480, CWE:573 |
| Unsupported Delete Operation (Pylint) |
CWE:480, CWE:573 |
| Unsupported Membership Test (Pylint) |
CWE:480, CWE:573 |
| Unused Argument (Pylint) |
CWE:1164 |
| Unused Format String Argument (Pylint) |
CWE:1164 |
| Unused Format String Key (Pylint) |
CWE:1164 |
| Unused Import (Pylint) |
CWE:1164 |
| Unused Private Member (Pylint) |
CWE:1164 |
| Unused Variable (Pylint) |
CWE:563 |
| Unused Wildcard Import (Pylint) |
CWE:1076 |
| Use Dict Literal (Pylint) |
CWE:1078 |
| Use Implicit Booleaness Not Comparison (Pylint) |
CWE:1023, CWE:1076 |
| Use Implicit Booleaness Not Comparison to String (Pylint) |
CWE:1023, CWE:1076 |
| Use Implicit Booleaness Not Comparison to Zero (Pylint) |
CWE:1023, CWE:1076 |
| Use Implicit Booleaness Not Len (Pylint) |
CWE:1023, CWE:1076 |
| Use List Literal (Pylint) |
CWE:1078 |
| Use Maxsplit Arg (Pylint) |
CWE:1076 |
| Use Sequence for Iteration (Pylint) |
CWE:1076 |
| Use Symbolic Message Instead (Pylint) |
- |
| Use a Generator (Pylint) |
CWE:1076 |
| Used Before Assignment (Pylint) |
CWE:573 |
| Used Prior Global Declaration (Pylint) |
CWE:573 |
| Useless Else on Loop (Pylint) |
CWE:561 |
| Useless Import Alias (Pylint) |
CWE:1164 |
| Useless Object Inheritance (Pylint) |
CWE:1164 |
| Useless Option Value (Pylint) |
- |
| Useless Parent Delegation (Pylint) |
CWE:1164 |
| Useless Return (Pylint) |
CWE:1164 |
| Useless Suppression (Pylint) |
- |
| Useless With Lock (Pylint) |
CWE:413, CWE:1164 |
| Using Constant Test (Pylint) |
CWE:570, CWE:571, CWE:1164 |
| Using F String in Unsupported Version (Pylint) |
CWE:573 |
| Using Final Decorator in Unsupported Version (Pylint) |
CWE:573 |
| Wildcard Import (Pylint) |
CWE:1078 |
| Wrong Exception Operation (Pylint) |
CWE:755 |
| Wrong Import Order (Pylint) |
CWE:1078 |
| Wrong Import Position (Pylint) |
CWE:1078 |
| Wrong Spelling in Comment (Pylint) |
- |
| Wrong Spelling in Docstring (Pylint) |
- |
| Yield Inside Async Function (Pylint) |
CWE:573 |
| Yield Outside Function (Pylint) |
CWE:573 |