The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
abstraction Base
status Draft
The product's user interface does not warn the user before undertaking an unsafe action on behalf of that user. This makes it easier for attackers to trick users into inflicting damage to their system.
abstraction Base
status Incomplete
The user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.
abstraction Base
status Draft
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
abstraction Base
status Draft
The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.
abstraction Base
status Incomplete
Security based on event locations is insecure and can be spoofed.
abstraction Base
status Incomplete
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
abstraction Class
status Draft
The product checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the access is performed, causing the product to access the wrong file.
abstraction Base
status Draft
The product uses a signal handler that introduces a race condition.
abstraction Base
status Incomplete
This entry has been deprecated. There are no documented cases in which a switch's control expression is evaluated more than once.
abstraction Base
status Deprecated
If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined.
abstraction Base
status Draft
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.
abstraction Base
status Incomplete
A product performs a series of non-atomic actions to switch between contexts that cross privilege or other security boundaries, but a race condition allows an attacker to modify or misrepresent the product's behavior during the switch.
abstraction Base
status Draft
The product divides a value by zero.
abstraction Base
status Draft
The product does not check the revocation status of a certificate after its initial revocation check, which can cause the product to perform privileged actions even after the certificate is revoked at a later time.
abstraction Variant
status Draft
The product does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.
abstraction Base
status Draft
This entry was deprecated because it overlapped the same concepts as race condition (CWE-362) and Improper Synchronization (CWE-662).
abstraction Base
status Deprecated
The product sends non-cloned mutable data as an argument to a method or function.
abstraction Base
status Draft
Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function.
abstraction Base
status Draft
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
abstraction Class
status Incomplete
Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack.
abstraction Base
status Draft
The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.
abstraction Base
status Incomplete
A J2EE application uses System.exit(), which also shuts down its container.
abstraction Variant
status Draft
Thread management in a Web application is forbidden in some circumstances and is always highly error prone.
abstraction Variant
status Draft
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
abstraction Compound
status Incomplete
Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.
abstraction Base
status Incomplete
A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.
abstraction Base
status Draft
The product detects a specific error, but takes no actions to handle the error.
abstraction Base
status Draft
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
abstraction Base
status Incomplete
The product encounters an error but does not provide a status code or return value to indicate that an error has occurred.
abstraction Base
status Draft
A function or operation returns an incorrect return value or status code that does not indicate the true result of execution, causing the product to modify its behavior based on the incorrect result.
abstraction Base
status Draft
The product does not properly check when a function or operation returns a value that is legitimate for the function, but is not expected by the product.
abstraction Base
status Draft
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
abstraction Base
status Draft
Catching overly broad exceptions promotes complex error handling code that is more likely to contain security vulnerabilities.
abstraction Base
status Draft
The product throws or raises an overly broad exception that can hide important details and produce inappropriate responses to certain conditions.
abstraction Base
status Draft
The product does not properly control the allocation and maintenance of a limited resource.
abstraction Class
status Draft
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
abstraction Variant
status Draft
The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.
abstraction Class
status Draft
A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.
abstraction Base
status Draft
The product does not release or incorrectly releases a resource before it is made available for re-use.
abstraction Class
status Draft
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."
abstraction Class
status Incomplete
The product does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the product to transmit more traffic than should be allowed for that actor.
abstraction Class
status Incomplete
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
abstraction Class
status Incomplete
The product allows an entity to perform a legitimate but expensive operation before authentication or authorization has taken place.
abstraction Base
status Draft
The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.
abstraction Base
status Incomplete
The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
abstraction Class
status Incomplete
The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.
abstraction Base
status Incomplete
The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.
abstraction Base
status Draft
A product does not check to see if a lock is present before performing sensitive operations on a resource.
abstraction Base
status Draft
The product calls free() twice on the same memory address.
abstraction Variant
status Draft
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
abstraction Variant
status Stable
The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.
abstraction Base
status Draft
The product protects a primary channel, but it does not use the same level of protection for an alternate channel.
abstraction Base
status Draft
The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.
abstraction Base
status Draft
The product does not properly verify the source of a message in the Windows Messaging System while running at elevated privileges, creating an alternate channel through which an attacker can directly send a message to the product.
abstraction Variant
status Draft
This entry has been deprecated because it was a duplicate of CWE-441. All content has been transferred to CWE-441.
abstraction Base
status Deprecated
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
abstraction Class
status Draft
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
abstraction Base
status Incomplete
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
abstraction Base
status Stable
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
abstraction Base
status Draft
The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
abstraction Base
status Draft
The wrong "handler" is assigned to process an object.
abstraction Base
status Incomplete
A handler is not available or implemented.
abstraction Base
status Draft
The product uses a signal handler that shares state with other signal handlers, but it does not properly mask or prevent those signal handlers from being invoked while the original signal handler is still running.
abstraction Base
status Draft
The product stores raw content or supporting code under the web document root with an extension that is not specifically handled by the server.
abstraction Variant
status Incomplete
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
abstraction Base
status Draft
An interaction error occurs when two entities have correct behavior when running independently of each other, but when they are integrated as components in a larger system or process, they introduce incorrect behaviors that may cause resultant weaknesses.
abstraction Pillar
status Draft
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.
abstraction Class
status Incomplete
A product acts as an intermediary or monitor between two or more endpoints, but it does not have a complete model of an endpoint's features, behaviors, or state, potentially causing the product to perform incorrect actions based on this incomplete model.
abstraction Base
status Incomplete
A's behavior or functionality changes with a new version of A, or a new environment, which is not known (or manageable) by B.
abstraction Base
status Draft
A feature, API, or function does not perform according to its specification.
abstraction Base
status Draft
The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor.
abstraction Class
status Draft
This weakness can be found at CWE-113.
abstraction Base
status Deprecated
The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
abstraction Base
status Incomplete
The user interface does not correctly enable or configure a security feature, but the interface provides feedback that causes the user to believe that the feature is in a secure state.
abstraction Class
status Incomplete
A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but the underlying functionality is not implemented.
abstraction Base
status Draft
A UI function is obsolete and the product does not warn the user.
abstraction Base
status Draft
The UI performs the wrong action with respect to the user's request.
abstraction Base
status Incomplete
The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation.
abstraction Base
status Draft
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
abstraction Class
status Draft