CWE-755 – Improper Handling of Exceptional Conditions
Description The software does not handle or incorrectly handles an exceptional condition. Modes of Introduction: - Implementation Likelihood of Exploit: Medium Related Weaknesses CWE-703...
CWE-754 – Improper Check for Unusual or Exceptional Conditions
Description The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day...
CWE-75 – Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Description The software does not adequately filter user-controlled input for special elements with control implications. Modes of Introduction: - Architecture and Design Likelihood of Exploit:...
CWE-749 – Exposed Dangerous Method or Function
Description The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or...
CWE-74 – Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’)
Description The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not...
CWE-733 – Compiler Optimization Removal or Modification of Security-critical Code
Description The developer builds a security-critical protection mechanism into the software, but the compiler optimizes the program such that the mechanism is removed or modified....
CWE-732 – Incorrect Permission Assignment for Critical Resource
Description The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. When...
CWE-73 – External Control of File Name or Path
Description The software allows user input to control or influence paths or file names that are used in filesystem operations. Modes of Introduction: - Architecture...
CWE-72 – Improper Handling of Apple HFS+ Alternate Data Stream Path
Description The software does not properly handle special paths that may identify the data or resource fork of a file on the HFS+ file system....
CWE-710 – Improper Adherence to Coding Standards
Description The software does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities....
