CWE-191 – Integer Underflow (Wrap or Wraparound)
Description The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that...
CWE-190 – Integer Overflow or Wraparound
Description The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be...
CWE-188 – Reliance on Data/Memory Layout
Description The software makes invalid assumptions about how protocol data or memory is organized at a lower level, resulting in unintended program behavior. Modes of...
CWE-187 – Partial String Comparison
Description The software performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring,...
CWE-186 – Overly Restrictive Regular Expression
Description A regular expression is overly restrictive, which prevents dangerous values from being detected. This weakness is not about regular expression complexity. Rather, it is...
CWE-185 – Incorrect Regular Expression
Description The software specifies a regular expression in a way that causes data to be improperly matched or compared. When the regular expression is used...
CWE-184 – Incomplete List of Disallowed Inputs
Description The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or...
CWE-183 – Permissive List of Allowed Inputs
Description The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because...
CWE-182 – Collapse of Data into Unsafe Value
Description The software filters data in a way that causes it to be reduced or "collapsed" into an unsafe value that violates an expected security...
CWE-181 – Incorrect Behavior Order: Validate Before Filter
Description The software validates data before it has been filtered, which prevents the software from detecting data that becomes invalid after the filtering step. This...