CWE-1119 – Excessive Use of Unconditional Branching
Description: The code uses too many unconditional branches (such as "goto"). Modes of Introduction: Related Weaknesses CWE-1120 Consequences Other: Reduce Maintainability ...
CWE-112 – Missing XML Validation
Description: The software accepts XML from an untrusted source but does not validate the XML against the proper schema. Most successful attacks begin with a...
CWE-1085 – Invokable Control Element with Excessive Volume of Commented-out Code
Description: A function, method, procedure, etc. contains an excessive amount of code that has been commented out within its body. Modes of Introduction: ...
CWE-1086 – Class with Excessive Number of Child Classes
Description: A class contains an unnecessarily large number of children. Modes of Introduction: Related Weaknesses CWE-1093 Consequences Other: Reduce Maintainability Potential...
CWE-1087 – Class with Virtual Method without a Virtual Destructor
Description: A class contains a virtual method, but the method does not have an associated virtual destructor. Modes of Introduction: Related Weaknesses CWE-1076...
CWE-1088 – Synchronous Access of Remote Resource without Timeout
Description: The code has a synchronous call to a remote resource, but there is no timeout for the call, or the timeout is set to...
CWE-1089 – Large Data Table with Excessive Number of Indices
Description: The software uses a large data table that contains an excessively large number of indices. Modes of Introduction: Related Weaknesses CWE-405 ...
CWE-109 – Struts: Validator Turned Off
Description: Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to...
CWE-1090 – Method Containing Access of a Member Element from Another Class
Description: A method for a class performs an operation that directly accesses a member element from another class. Modes of Introduction: Related Weaknesses...
CWE-1091 – Use of Object without Invoking Destructor Method
Description: The software contains a method that accesses an object but does not later invoke the element's associated finalize/destructor method. Modes of Introduction: ...