CWE-561 – Dead Code
Description The software contains dead code, which can never be executed. Dead code is source code that can never be executed in a running program....
CWE-483 – Incorrect Block Delimitation
Description The code does not explicitly delimit a block that is intended to contain 2 or more statements, creating a logic error. In some languages,...
CWE-300 – Channel Accessible by Non-Endpoint
Description The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity...
CWE-295 – Improper Certificate Validation
Description The software does not validate, or incorrectly validates, a certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof...
CWE-705 – Incorrect Control Flow Scoping
Description The software does not properly return control flow to the proper location after it has completed a task or detected an unusual condition. Modes...