CWE-842 – Placement of User into Incorrect Group
Description: The software or the administrator places a user into an incorrect group. If the incorrect group has more access or privileges than the intended...
CWE-841 – Improper Enforcement of Behavioral Workflow
Description: The software supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that...
CWE-84 – Improper Neutralization of Encoded URI Schemes in a Web Page
Description: The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings. Modes of Introduction: Architecture and Design. Likelihood of Exploit:...
CWE-839 – Numeric Range Comparison Without Minimum Check
Description: The program checks a value to ensure that it is less than or equal to a maximum, but it does not also verify that...
CWE-838 – Inappropriate Encoding for Output Context
Description: The software uses or specifies an encoding when generating output to a downstream component, but the specified encoding is not the same as the...
CWE-837 – Improper Enforcement of a Single, Unique Action
Description: The software requires that an actor should only be able to perform an action once, or to have only one unique action, but the...
CWE-836 – Use of Password Hash Instead of Password for Authentication
Description: The software records password hashes in a data store, receives a hash of a password from a client, and compares the supplied hash to...
CWE-835 – Loop with Unreachable Exit Condition (‘Infinite Loop’)
Description: The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. If the loop can be...
CWE-834 – Excessive Iteration
Description: The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed. If the iteration can be...
CWE-833 – Deadlock
Description: The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. Modes of...