CWE-762 – Mismatched Memory Management Routines
Description The application attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function...
CWE-761 – Free of Pointer not at Start of Buffer
Description The application calls free() on a pointer to a memory resource that was allocated on the heap, but the pointer is not at the...
CWE-760 – Use of a One-Way Hash with a Predictable Salt
Description The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software uses a...
CWE-76 – Improper Neutralization of Equivalent Special Elements
Description The software properly neutralizes certain special elements, but it improperly neutralizes equivalent special elements. The software may have a fixed list of special characters...
CWE-759 – Use of a One-Way Hash without a Salt
Description The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not...
CWE-758 – Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Description The software uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to...
CWE-757 – Selection of Less-Secure Algorithm During Negotiation (‘Algorithm Downgrade’)
Description A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection...
CWE-756 – Missing Custom Error Page
Description The software does not return custom error pages to the user, possibly exposing sensitive information. Modes of Introduction: Likelihood of Exploit: Related Weaknesses...
CWE-755 – Improper Handling of Exceptional Conditions
Description The software does not handle or incorrectly handles an exceptional condition. Modes of Introduction: - Implementation Likelihood of Exploit: Medium Related Weaknesses CWE-703...
CWE-754 – Improper Check for Unusual or Exceptional Conditions
Description The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day...
