CWE-236 – Improper Handling of Undefined Parameters
Description The software does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product....
CWE-237 – Improper Handling of Structural Elements
Description The software does not handle or incorrectly handles inputs that are related to complex structures. Modes of Introduction: Related Weaknesses CWE-228 ...
CWE-238 – Improper Handling of Incomplete Structural Elements
Description The software does not handle or incorrectly handles when a particular structural element is not completely specified. Modes of Introduction: - Architecture and Design...
CWE-200 – Exposure of Sensitive Information to an Unauthorized Actor
Description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Modes of Introduction: - Architecture...
CWE-201 – Insertion of Sensitive Information Into Sent Data
Description The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor....
CWE-202 – Exposure of Sensitive Information Through Data Queries
Description When trying to keep information confidential, an attacker can often infer some of the information by using statistics. In situations where data should not...
CWE-203 – Observable Discrepancy
Description The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant...
CWE-204 – Observable Response Discrepancy
Description The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended...
CWE-205 – Observable Behavioral Discrepancy
Description The product's behaviors indicate important differences that may be observed by unauthorized actors in a way that reveals (1) its internal state or decision...
CWE-206 – Observable Internal Behavioral Discrepancy
Description The product performs multiple behaviors that are combined to produce a single result, but the individual behaviors are observable separately in a way that...