Buffer Overflow | |
Origin Validation Error | |
Arbitrary Code Injection | |
Use After Free | |
Arbitrary Code Injection | |
Exposure of System Data to an Unauthorized Control Sphere | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Incorrect Type Conversion or Cast | |
Buffer Overflow | |
Out-of-bounds Write | |
CVE-2024-7529 | |
Use After Free | |
Out-of-bounds Write | |
Use of Uninitialized Resource | |
Out-of-bounds Read | |
Improper Privilege Management | |
Use After Free | |
Heap-based Buffer Overflow | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Use After Free | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Improper Cross-boundary Removal of Sensitive Data | |
User Interface (UI) Misrepresentation of Critical Information | |
Improper Check for Unusual or Exceptional Conditions | |
Improper Check for Certificate Revocation | |
Integer Overflow or Wraparound | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Integer Overflow or Wraparound | |
CVE-2024-2616 | |
The UI Performs the Wrong Action | |
Use After Free | |
Missing Encryption of Sensitive Data | |
Arbitrary Code Injection | |
The UI Performs the Wrong Action | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Out-of-bounds Read | |
The UI Performs the Wrong Action | |
The UI Performs the Wrong Action | |
Improper Input Validation | |
Out-of-bounds Write | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Input Validation | |
Improper Restriction of Rendered UI Layers or Frames | |
Inadequate Encryption Strength | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Heap-based Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Heap-based Buffer Overflow | |
Buffer Overflow | |
Out-of-bounds Read | |
Heap-based Buffer Overflow | |
Buffer Overflow | |
Heap-based Buffer Overflow | |
Improper Verification of Cryptographic Signature | |
Improper Restriction of Rendered UI Layers or Frames | |
Directory Traversal | |
Use After Free | |
Improper Verification of Cryptographic Signature | |
Use After Free | |
Use After Free | |
Improper Input Validation | |
Improper Input Validation | |
Race Condition | |
Use After Free | |
Double Free | |
Memory Leak | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Multiple Interpretations of UI Input | |
Open Redirect | |
Product UI does not Warn User of Unsafe Actions | |
Improper Handling of Exceptional Conditions | |
Heap-based Buffer Overflow | |
Heap-based Buffer Overflow | |
Unrestricted Upload of File with Dangerous Type | |
Buffer Overflow | |
Buffer Overflow | |
Use After Free | |
Compilation with Insufficient Warnings or Errors | |
Buffer Overflow | |
Authentication Bypass | |
Use After Free | |
Improper Handling of Insufficient Permissions or Privileges | |
Resource Exhaustion | |
Insufficient Verification of Data Authenticity | |
Use of Uninitialized Variable | |
Buffer Overflow | |
User Interface (UI) Misrepresentation of Critical Information | |
Out-of-bounds Read | |
Resource Exhaustion | |
Failure to Sanitize Special Element | |
Reachable Assertion | |
Out-of-Bounds | |
Unrestricted Upload of File with Dangerous Type | |
Out-of-Bounds | |
Direct Request ('Forced Browsing') | |
Incorrect Calculation | |
Buffer Overflow | |
Product UI does not Warn User of Unsafe Actions | |
Arbitrary Code Injection | |
Incorrect Type Conversion or Cast | |
Information Exposure | |
Out-of-bounds Read | |
Buffer Overflow | |
Use After Free | |
Improper Handling of Alternate Encoding | |
Improper Restriction of Rendered UI Layers or Frames | |
Allocation of Resources Without Limits or Throttling | |
Incorrect Type Conversion or Cast | |
Use After Free | |
External Control of File Name or Path | |
Cross-site Scripting (XSS) | |
CVE-2023-25731 | |
Out-of-Bounds | |
Incorrect Synchronization | |
Out-of-bounds Write | |
Buffer Overflow | |
Incorrect Regular Expression | |
Information Exposure | |
Out-of-Bounds | |
Arbitrary Command Injection | |
Buffer Overflow | |
Buffer Overflow | |
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
Use After Free | |
Information Exposure | |
CVE-2023-23602 | |
Use After Free | |
Multiple Interpretations of UI Input | |
Improper Following of a Certificate's Chain of Trust | |
Out-of-Bounds | |
Use of Unmaintained Third Party Components | |
Insufficient UI Warning of Dangerous Operations | |
Inclusion of Functionality from Untrusted Control Sphere | |
Truncation of Security-relevant Information | |
Out-of-bounds Read | |
Out-of-bounds Write | |
Integer Overflow or Wraparound | |
Return of Wrong Status Code | |
Cross-site Scripting (XSS) | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Out-of-Bounds | |
Buffer Overflow | |
Use After Free | |
Information Exposure | |
Use After Free | |
Insufficient UI Warning of Dangerous Operations | |
Expected Behavior Violation | |
Inclusion of Functionality from Untrusted Control Sphere | |
Resource Exhaustion | |
Improper Authentication | |
Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
Use After Free | |
Improper Authentication | |
Buffer Overflow | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Authentication | |
Buffer Overflow | |
Buffer Overflow | |
Improper Handling of Inconsistent Structural Elements | |
Improper Restriction of Rendered UI Layers or Frames | |
The UI Performs the Wrong Action | |
Information Exposure | |
Improper Input Validation | |
Use After Free | |
Buffer Overflow | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Product UI does not Warn User of Unsafe Actions | |
Incorrect Permission Assignment for Critical Resource | |
Buffer Overflow | |
Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Use of Uninitialized Variable | |
Allocation of Resources Without Limits or Throttling | |
Inclusion of Functionality from Untrusted Control Sphere | |
Acceptance of Extraneous Untrusted Data With Trusted Data | |
Buffer Overflow | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Inclusion of Functionality from Untrusted Control Sphere | |
Inclusion of Functionality from Untrusted Control Sphere | |
Use After Free | |
Cleartext Transmission of Sensitive Information | |
Buffer Overflow | |
Use After Free | |
Use After Free | |
Buffer Overflow | |
Arbitrary Code Injection | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
NULL Pointer Dereference | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Out-of-Bounds | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Buffer Overflow | |
Time-of-check Time-of-use (TOCTOU) | |
Use After Free | |
Use After Free | |
The UI Performs the Wrong Action | |
Out-of-bounds Write | |
Use After Free | |
Resource Exhaustion | |
Use After Free | |
Out-of-bounds Read | |
Improper Restriction of Rendered UI Layers or Frames | |
Out-of-bounds Write | |
Improper Certificate Validation | |
Use After Free | |
Use After Free | |
Improper Preservation of Permissions | |
Inappropriate Encoding for Output Context | |
Integer Overflow or Wraparound | |
Incorrect Behavior Order: Early Validation | |
Incorrect Behavior Order: Early Validation | |
Arbitrary Code Injection | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Inclusion of Functionality from Untrusted Control Sphere | |
NULL Pointer Dereference | |
Use After Free | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Integer Overflow or Wraparound | |
Out-of-Bounds | |
Out-of-Bounds | |
Out-of-bounds Write | |
Use After Free | |
Out-of-Bounds | |
Use After Free | |
Out-of-bounds Write | |
Use After Free | |
Out-of-Bounds | |
Missing Initialization of Resource | |
Race Condition | |
Insufficient Verification of Data Authenticity | |
Insufficiently Protected Credentials | |
Buffer Overflow | |
Improper Verification of Cryptographic Signature | |
Insufficient Verification of Data Authenticity | |
Improper Verification of Cryptographic Signature | |
Use of a Broken or Risky Cryptographic Algorithm | |
Improper Privilege Management | |
Incorrect Calculation | |
Time-of-check Time-of-use (TOCTOU) | |
Operation on a Resource after Expiration or Release | |
Arbitrary Argument Injection | |
Integer Overflow or Wraparound | |
CVE-2021-23991 | |
Out-of-Bounds | |
Information Exposure | |
Out-of-bounds Write | |
Out-of-Bounds | |
Authentication Bypass | |
Inadequate Encryption Strength | |
CVE-2021-23969 | |
Information Exposure | |
Information Exposure | |
CVE-2021-23978 | |
Out-of-Bounds | |
CVE-2020-26976 | |
CVE-2021-23960 | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel | |
CVE-2021-23953 | |
Out-of-bounds Write | |
CVE-2020-16012 | |
CVE-2020-26973 | |
Cross-site Scripting (XSS) | |
Out-of-bounds Write | |
Improper Cross-boundary Removal of Sensitive Data | |
Out-of-bounds Write | |
CVE-2020-26961 | |
CVE-2020-26978 | |
Out-of-bounds Write | |
Use After Free | |
CVE-2020-35111 | |
Out-of-bounds Write | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Use of Uninitialized Resource | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Use After Free | |
Out-of-bounds Write | |
Use After Free | |
Use After Free | |
Cross-site Scripting (XSS) | |
Open Redirect | |
Out-of-bounds Write | |
Incorrect Authorization | |
Use After Free | |
Out-of-bounds Write | |
Information Exposure | |
Out-of-bounds Write | |
Origin Validation Error | |
Out-of-bounds Write | |
Out-of-bounds Read | |
Race Condition | |
Use After Free | |
Improper Certificate Validation | |
Insufficient Verification of Data Authenticity | |
Race Condition | |
Out-of-bounds Write | |
Cleartext Transmission of Sensitive Information | |
Out-of-bounds Write | |
Out-of-bounds Write | |
Origin Validation Error | |
Race Condition | |
Out-of-bounds Write | |
Out-of-bounds Write | |
Use of Uninitialized Resource | |
Race Condition | |
Out-of-bounds Write | |
Directory Traversal | |
Out-of-bounds Read | |
Out-of-bounds Write | |
OS Command Injection | |
Information Exposure | |
Use After Free | |
Out-of-bounds Read | |
Cleartext Storage of Sensitive Information | |
Use After Free | |
Use of Uninitialized Resource | |
Cross-site Scripting (XSS) | |
NULL Pointer Dereference | |
Out-of-bounds Write | |
Use of Uninitialized Resource | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Cross-site Scripting (XSS) | |
Out-of-bounds Write | |
Cross-site Scripting (XSS) | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use After Free | |
Race Condition | |
Race Condition | |
Out-of-bounds Write | |
Out-of-bounds Read | |
Out-of-bounds Write | |
Cross-site Scripting (XSS) | |
Out-of-bounds Write | |
Origin Validation Error | |
Race Condition | |
Buffer Overflow | |
Use After Free | |
Out-of-bounds Write | |
Out-of-bounds Write | |
Use After Free | |
Out-of-bounds Write | |
Cleartext Transmission of Sensitive Information | |
Use After Free | |
Information Exposure | |
Inclusion of Functionality from Untrusted Control Sphere | |
Cross-site Scripting (XSS) | |
CVE-2019-11730 | |
CVE-2019-11711 | |
Cross-site Scripting (XSS) | |
Arbitrary Code Injection | |
Use After Free | |
Out-of-bounds Write | |
Improper Encoding or Escaping of Output | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Out-of-bounds Write | |
Improper Input Validation | |
Out-of-bounds Read | |
Out-of-bounds Read | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Origin Validation Error | |
Improper Input Validation | |
Use After Free | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use After Free | |
Information Exposure | |
Out-of-bounds Write | |
Use After Free | |
Out-of-bounds Write | |
Origin Validation Error | |
Out-of-bounds Read | |
Use After Free | |
Out-of-bounds Write | |
Out-of-bounds Write | |
CVE-2018-18506 | |
Out-of-Bounds | |
Reachable Assertion | |
Use After Free | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Out-of-bounds Write | |
Use After Free | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Out-of-Bounds | |
Out-of-bounds Read | |
Use After Free | |
Out-of-bounds Write | |
Out-of-Bounds | |
Origin Validation Error | |
Out-of-bounds Write | |
Out-of-Bounds | |
Out-of-Bounds | |
CVE-2018-12392 | |
Information Exposure | |
Information Exposure | |
Out-of-bounds Read | |
Out-of-Bounds | |
Use After Free | |
Information Exposure | |
Information Exposure | |
Out-of-Bounds | |
Integer Overflow or Wraparound | |
Use After Free | |
Cross-site Request Forgery (CSRF) | |
Use After Free | |
Improper Input Validation | |
Out-of-Bounds | |
Inadequate Encryption Strength | |
Out-of-Bounds | |
CVE-2018-5168 | |
Missing Encryption of Sensitive Data | |
Out-of-bounds Write | |
Use After Free | |
Out-of-Bounds | |
Improper Input Validation | |
Missing Encryption of Sensitive Data | |