CWE-12 – ASP.NET Misconfiguration: Missing Custom Error Page
Description An ASP .NET application must enable custom error pages in order to prevent attackers from mining information from the framework's built-in responses. The mode...
CWE-1193 – Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
Description The product enables components that contain untrusted firmware before memory and fabric access controls have been enabled. Modes of Introduction: Related Weaknesses...
CWE-1192 – System-on-Chip (SoC) Using Components without Unique, Immutable Identifiers
Description The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components. Modes of Introduction: - Architecture and Design Related...
CWE-1191 – On-Chip Debug and Test Interface With Improper Access Control
Description The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test...
CWE-1190 – DMA Device Enabled Too Early in Boot Phase
Description The product enables a Direct Memory Access (DMA) capable device before the security configuration settings are established, which allows an attacker to extract data...
CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer
Description The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the...
CWE-1189 – Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
Description The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents. Modes of Introduction: - Architecture and Design Related...
CWE-1188 – Insecure Default Initialization of Resource
Description The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not...
CWE-1187 – DEPRECATED: Use of Uninitialized Resource
Description This entry has been deprecated because it was a duplicate of CWE-908. All content has been transferred to CWE-908. Modes of Introduction: ...
CWE-118 – Incorrect Access of Indexable Resource (‘Range Error’)
Description The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such...