CWE-764 – Multiple Locks of a Critical Resource
Description The software locks a critical resource more times than intended, leading to an unexpected state in the system. When software is operating in a...
CWE-763 – Release of Invalid Pointer or Reference
Description The application attempts to return a memory resource to the system, but calls the wrong release function or calls the appropriate release function incorrectly....
CWE-762 – Mismatched Memory Management Routines
Description The application attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function...
CWE-761 – Free of Pointer not at Start of Buffer
Description The application calls free() on a pointer to a memory resource that was allocated on the heap, but the pointer is not at the...
CWE-760 – Use of a One-Way Hash with a Predictable Salt
Description The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software uses a...
CWE-76 – Improper Neutralization of Equivalent Special Elements
Description The software properly neutralizes certain special elements, but it improperly neutralizes equivalent special elements. The software may have a fixed list of special characters...
CWE-759 – Use of a One-Way Hash without a Salt
Description The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not...
CWE-758 – Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Description The software uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to...
CWE-757 – Selection of Less-Secure Algorithm During Negotiation (‘Algorithm Downgrade’)
Description A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection...
CWE-756 – Missing Custom Error Page
Description The software does not return custom error pages to the user, possibly exposing sensitive information. Modes of Introduction: Likelihood of Exploit: Related Weaknesses...
