CWE-697 – Incorrect Comparison
Description: The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses. Modes of Introduction: -...
CWE-698 – Execution After Redirect (EAR)
Description: The web application sends a redirect to another location, but instead of exiting, it executes additional code. Modes of Introduction: - Implementation Likelihood of...
CWE-7 – J2EE Misconfiguration: Missing Custom Error Page
Description: The default error page of a web application should not display sensitive information about the software system. Modes of Introduction: - Architecture and Design...
CWE-703 – Improper Check or Handling of Exceptional Conditions
Description: The software does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the software. Modes of Introduction: - Architecture...
CWE-704 – Incorrect Type Conversion or Cast
Description: The software does not correctly convert an object, resource, or structure from one type to a different type. Modes of Introduction: - Architecture and...
CWE-705 – Incorrect Control Flow Scoping
Description: The software does not properly return control flow to the proper location after it has completed a task or detected an unusual condition. Modes...
CWE-706 – Use of Incorrectly-Resolved Name or Reference
Description: The software uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended...
CWE-707 – Improper Neutralization
Description: The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being...
CWE-708 – Incorrect Ownership Assignment
Description: The software assigns an owner to a resource, but the owner is outside of the intended control sphere. This may allow the resource to...
CWE-71 – DEPRECATED: Apple ‘.DS_Store’
Description: This entry has been deprecated as it represents a specific observed example of a UNIX Hard Link weakness type rather than its own individual...