CWE-460 – Improper Cleanup on Thrown Exception
Description The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or...
CWE-46 – Path Equivalence: ‘filename ‘ (Trailing Space)
Description A software system that accepts path input in the form of trailing space ('filedir ') without appropriate validation can lead to ambiguous path resolution...
CWE-459 – Incomplete Cleanup
Description The software does not properly "clean up" and remove temporary or supporting resources after they have been used. Modes of Introduction: - Architecture and...
CWE-458 – DEPRECATED: Incorrect Initialization
Description This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract...
CWE-457 – Use of Uninitialized Variable
Description The code uses a variable that has not been initialized, leading to unpredictable or unintended results. In some languages such as C and C++,...
CWE-456 – Missing Initialization of a Variable
Description The software does not initialize critical variables, which causes the execution environment to use unexpected values. Modes of Introduction: - Implementation Related...
CWE-455 – Non-exit on Failed Initialization
Description The software does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a...
CWE-454 – External Initialization of Trusted Variables or Data Stores
Description The software initializes critical internal variables or data stores using inputs that can be modified by untrusted actors. A software system should be reluctant...
CWE-453 – Insecure Default Variable Initialization
Description The software, by default, initializes an internal variable with an insecure or less secure value than is possible. Modes of Introduction: - Architecture and...
CWE-451 – User Interface (UI) Misrepresentation of Critical Information
Description The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured...