CWE-1025 – Comparison Using Wrong Factors
Description The code performs a comparison between two entities, but the comparison examines the wrong factors or characteristics of the entities, which can lead to...
CWE-1024 – Comparison of Incompatible Types
Description The software performs a comparison between two entities, but the entities are of different, incompatible types that cannot be guaranteed to provide correct results...
CWE-1023 – Incomplete Comparison with Missing Factors
Description The software performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one...
CWE-1022 – Use of Web Link to Untrusted Target with window.opener Access
Description The web application produces links to untrusted external sites outside of its sphere of control, but it does not properly prevent the external site...
CWE-1021 – Improper Restriction of Rendered UI Layers or Frames
Description The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead...
CWE-102 – Struts: Duplicate Validation Forms
Description The application uses multiple validation forms with the same name, which might cause the Struts Validator to validate a form that the programmer does...
CWE-1007 – Insufficient Visual Distinction of Homoglyphs Presented to User
Description The software displays information or identifiers to a user, but the display mechanism does not make it easy for the user to distinguish between...
CWE-1004 – Sensitive Cookie Without ‘HttpOnly’ Flag
Description The software uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag. The HttpOnly flag directs compatible...
USN-5448-1: ncurses vulnerabilities
It was discovered that ncurses was not properly checking array bounds when executing the fmt_entry function, which could result in an out-of-bounds write. An attacker...
CVE-2021-4232
A vulnerability classified as problematic has been found in Zoo Management System 1.0. Affected is an unknown function of the file admin/manage-ticket.php. The manipulation with...