CWE-471 – Modification of Assumed-Immutable Data (MAID)
Description The software does not properly protect an assumed-immutable element from being modified by an attacker. This occurs when a particular input is critical enough...
CWE-470 – Use of Externally-Controlled Input to Select Classes or Code (‘Unsafe Reflection’)
Description The application uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from...
CWE-47 – Path Equivalence: ‘ filename’ (Leading Space)
Description A software system that accepts path input in the form of leading space (' filedir') without appropriate validation can lead to ambiguous path resolution...
CWE-469 – Use of Pointer Subtraction to Determine Size
Description The application subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers do not exist...
CWE-468 – Incorrect Pointer Scaling
Description In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled....
CWE-467 – Use of sizeof() on a Pointer Type
Description The code calls sizeof() on a malloced pointer type, which always returns the wordsize/8. This can produce an unexpected result if the programmer intended...
CWE-466 – Return of Pointer Value Outside of Expected Range
Description A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference. Modes of Introduction:...
CWE-464 – Addition of Data Structure Sentinel
Description The accidental addition of a data-structure sentinel can cause serious programming logic problems. Data-structure sentinels are often used to mark the structure of data....
CWE-463 – Deletion of Data Structure Sentinel
Description The accidental deletion of a data-structure sentinel can cause serious programming logic problems. Often times data-structure sentinels are used to mark structure of the...
CWE-462 – Duplicate Key in Associative List (Alist)
Description Duplicate keys in associative lists can lead to non-unique keys being mistaken for an error. A duplicate key entry -- if the alist is...