CWE-771 – Missing Reference to Active Allocated Resource
Description The software does not properly maintain a reference to a resource that has been allocated, which prevents the resource from being reclaimed. This does...
CWE-770 – Allocation of Resources Without Limits or Throttling
Description The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number...
CWE-77 – Improper Neutralization of Special Elements used in a Command (‘Command Injection’)
Description The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes...
CWE-769 – DEPRECATED: Uncontrolled File Descriptor Consumption
Description This entry has been deprecated because it was a duplicate of CWE-774. All content has been transferred to CWE-774. Modes of Introduction: Likelihood of...
CWE-768 – Incorrect Short Circuit Evaluation
Description The software contains a conditional statement with multiple logical expressions in which one of the non-leading expressions may produce side effects. This may lead...
CWE-767 – Access to Critical Private Variable via Public Method
Description The software defines a public method that reads or modifies a private variable. If an attacker modifies the variable to contain unexpected values, this...
CWE-766 – Critical Data Element Declared Public
Description The software declares a critical variable, field, or member to be public when intended security policy requires it to be private. Modes of Introduction:...
CWE-765 – Multiple Unlocks of a Critical Resource
Description The software unlocks a critical resource more times than intended, leading to an unexpected state in the system. When software is operating in a...
CWE-764 – Multiple Locks of a Critical Resource
Description The software locks a critical resource more times than intended, leading to an unexpected state in the system. When software is operating in a...
CWE-763 – Release of Invalid Pointer or Reference
Description The application attempts to return a memory resource to the system, but calls the wrong release function or calls the appropriate release function incorrectly....
