CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer
Description The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the...
CWE-1189 – Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
Description The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents. Modes of Introduction: - Architecture and Design Related...
CWE-1188 – Insecure Default Initialization of Resource
Description The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not...
CWE-1187 – DEPRECATED: Use of Uninitialized Resource
Description This entry has been deprecated because it was a duplicate of CWE-908. All content has been transferred to CWE-908. Modes of Introduction: ...
CWE-118 – Incorrect Access of Indexable Resource (‘Range Error’)
Description The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such...
CWE-1177 – Use of Prohibited Code
Description The software uses a function, library, or third party component that has been explicitly prohibited, whether by the developer or the customer. Modes of...
CWE-1176 – Inefficient CPU Computation
Description The program performs CPU computations using algorithms that are not as efficient as they could be for the needs of the developer, i.e., the...
CWE-1174 – ASP.NET Misconfiguration: Improper Model Validation
Description The ASP.NET application does not use, or incorrectly uses, the model validation framework. Modes of Introduction: - Architecture and Design Related Weaknesses...
CWE-1173 – Improper Use of Validation Framework
Description The application does not use, or incorrectly uses, an input validation framework that is provided by the source language or an independent library. Many...
CWE-117 – Improper Output Neutralization for Logs
Description The software does not neutralize or incorrectly neutralizes output that is written to logs. Applications typically use log files to store a history of...