Views: 261
0
0
Read Time:2 Minute, 6 Second
- Out-of-bounds Write
CWE-787CVEs in KEV: 70Rank Last Year: 1 - Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
CWE-79CVEs in KEV: 4Rank Last Year: 2 - Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
CWE-89CVEs in KEV: 6Rank Last Year: 3 - Use After Free
CWE-416CVEs in KEV: 44Rank Last Year: 7 (up 3) - Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
CWE-78CVEs in KEV: 23Rank Last Year: 6 (up 1) - Improper Input Validation
CWE-20CVEs in KEV: 35Rank Last Year: 4 (down 2) - Out-of-bounds Read
CWE-125CVEs in KEV: 2Rank Last Year: 5 (down 2) - Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
CWE-22CVEs in KEV: 16Rank Last Year: 8 - Cross-Site Request Forgery (CSRF)
CWE-352CVEs in KEV: 0Rank Last Year: 9 - Unrestricted Upload of File with Dangerous Type
CWE-434CVEs in KEV: 5Rank Last Year: 10 - Missing Authorization
CWE-862CVEs in KEV: 0Rank Last Year: 16 (up 5) - NULL Pointer Dereference
CWE-476CVEs in KEV: 0Rank Last Year: 11 (down 1) - Improper Authentication
CWE-287CVEs in KEV: 10Rank Last Year: 14 (up 1) - Integer Overflow or Wraparound
CWE-190CVEs in KEV: 4Rank Last Year: 13 (down 1) - Deserialization of Untrusted Data
CWE-502CVEs in KEV: 14Rank Last Year: 12 (down 3) - Improper Neutralization of Special Elements used in a Command (‘Command Injection’)
CWE-77CVEs in KEV: 4Rank Last Year: 17 (up 1) - Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-119CVEs in KEV: 7Rank Last Year: 19 (up 2) - Use of Hard-coded Credentials
CWE-798CVEs in KEV: 2Rank Last Year: 15 (down 3) - Server-Side Request Forgery (SSRF)
CWE-918CVEs in KEV: 16Rank Last Year: 21 (up 2) - Missing Authentication for Critical Function
CWE-306CVEs in KEV: 8Rank Last Year: 18 (down 2) - Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’)
CWE-362CVEs in KEV: 8Rank Last Year: 22 (up 1) - Improper Privilege Management
CWE-269CVEs in KEV: 5Rank Last Year: 29 (up 7) - Improper Control of Generation of Code (‘Code Injection’)
CWE-94CVEs in KEV: 6Rank Last Year: 25 (up 2) - Incorrect Authorization
CWE-863CVEs in KEV: 0Rank Last Year: 28 (up 4) - Incorrect Default Permissions
CWE-276CVEs in KEV: 0Rank Last Year: 20 (down 5)
FONTE: MITRE