CWE-460 – Improper Cleanup on Thrown Exception
Description The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or...
CWE-462 – Duplicate Key in Associative List (Alist)
Description Duplicate keys in associative lists can lead to non-unique keys being mistaken for an error. A duplicate key entry -- if the alist is...
CWE-463 – Deletion of Data Structure Sentinel
Description The accidental deletion of a data-structure sentinel can cause serious programming logic problems. Often times data-structure sentinels are used to mark structure of the...
CWE-422 – Unprotected Windows Messaging Channel (‘Shatter’)
Description The software does not properly verify the source of a message in the Windows Messaging System while running at elevated privileges, creating an alternate...
CWE-423 – DEPRECATED: Proxied Trusted Channel
Description This entry has been deprecated because it was a duplicate of CWE-441. All content has been transferred to CWE-441. Modes of Introduction: ...
CWE-424 – Improper Protection of Alternate Path
Description The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources. Modes of Introduction: -...
CWE-425 – Direct Request (‘Forced Browsing’)
Description The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files. Web applications susceptible to direct request attacks often...
CWE-426 – Untrusted Search Path
Description The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control....
CWE-427 – Uncontrolled Search Path Element
Description The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the...
CWE-428 – Unquoted Search Path or Element
Description The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the...