Out-of-bounds Write | |
Integer Overflow or Wraparound | |
Improper Output Neutralization for Logs | |
Uncontrolled Memory Allocation | |
Improper Input Validation | |
Covert Timing Channel | |
Improper Input Validation | |
Improper Input Validation | |
Information Exposure Through Log Files | |
Integer Overflow or Wraparound | |
Improper Certificate Validation | |
Deserialization of Untrusted Data | |
Out-of-bounds Read | |
Directory Traversal | |
Improper Input Validation | |
Improperly Implemented Security Check for Standard | |
Improper Input Validation | |
Improper Neutralization of Null Byte or NUL Character | |
Information Exposure | |
Improper Neutralization of Null Byte or NUL Character | |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel | |
Reliance on File Name or Extension of Externally-Supplied File | |
Deserialization of Untrusted Data | |
Allocation of Resources Without Limits or Throttling | |
Resource Exhaustion | |
Use of Insufficiently Random Values | |
Integer Coercion Error | |
Integer Coercion Error | |
Improper Access Control | |
Resource Leak | |
CVE-2017-10176 | |
Covert Timing Channel | |
Improper Use of Validation Framework | |
Incorrect Behavior Order: Early Validation | |
Integer Underflow | |
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') | |
Resource Exhaustion | |
Integer Overflow or Wraparound | |
Allocation of Resources Without Limits or Throttling | |
Improper Use of Validation Framework | |
Allocation of Resources Without Limits or Throttling | |
Integer Overflow or Wraparound | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Improper Authorization | |
Allocation of Resources Without Limits or Throttling | |
Improper Use of Validation Framework | |
Uncaught Exception | |
Improper Cross-boundary Removal of Sensitive Data | |
Deserialization of Untrusted Data | |
Information Exposure | |
Improper Input Validation | |
NULL Pointer Dereference | |
Allocation of Resources Without Limits or Throttling | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Incorrect Authorization | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Untrusted Search Path | |
Information Exposure | |
Improper Access Control | |
Improper Certificate Validation | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Improper Verification of Cryptographic Signature | |
Improper Access Control | |
Information Exposure | |
Improper Verification of Cryptographic Signature | |
Insufficient Comparison | |
Allocation of Resources Without Limits or Throttling | |
Sensitive Information Uncleared Before Release | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
CVE-2018-2814 | |
Allocation of Resources Without Limits or Throttling | |
Deserialization of Untrusted Data | |
CVE-2018-2800 | |
Allocation of Resources Without Limits or Throttling | |
Improper Verification of Cryptographic Signature | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Unsynchronized Access to Shared Data in a Multithreaded Context | |
Untrusted Search Path | |
Deserialization of Untrusted Data | |
CVE-2018-2582 | |
Improper Access Control | |
Improper Input Validation | |
Use After Free | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Use of Insufficiently Random Values | |
Improper Input Validation | |
LDAP Injection | |
Use After Free | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10355 | |
Insufficient Verification of Data Authenticity | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10274 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10346 | |
CVE-2017-10285 | |
HTTP Response Splitting | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
CVE-2017-10096 | |
CVE-2017-10090 | |
CVE-2017-10067 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10110 | |
CVE-2017-10101 | |
Covert Timing Channel | |
CVE-2017-10102 | |
CVE-2017-10193 | |
CVE-2017-10107 | |
CVE-2017-10198 | |
CVE-2017-10078 | |
CVE-2017-10116 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10081 | |
CVE-2017-10243 | |
Allocation of Resources Without Limits or Throttling | |
Integer Overflow or Wraparound | |
Out-of-Bounds | |
CVE-2017-10087 | |
CVE-2017-10089 | |
Covert Timing Channel | |
Improper Input Validation | |
Use of a Broken or Risky Cryptographic Algorithm | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Improper Authentication | |
Untrusted Search Path | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-3272 | |
Information Exposure | |
Integer Overflow or Wraparound | |
CVE-2017-3289 | |
Deserialization of Untrusted Data | |
Improper Input Validation | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Covert Timing Channel | |
Improper Input Validation | |
CVE-2016-5554 | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use of a Broken or Risky Cryptographic Algorithm | |
Cleartext Transmission of Sensitive Information | |
Improper Input Validation | |
Out-of-bounds Read | |
Allocation of Resources Without Limits or Throttling | |
CVE-2016-3587 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2016-3458 | |
Integer Overflow or Wraparound | |
CVE-2016-3610 | |
CVE-2016-3606 | |
CVE-2016-3598 | |
CVE-2016-3426 | |
CVE-2016-3427 | |
CVE-2016-0687 | |
CVE-2016-3425 | |
CVE-2016-0686 | |
CVE-2016-0695 | |
Integer Overflow or Wraparound | |
Improperly Implemented Security Check for Standard | |
Improper Certificate Validation | |
Cleartext Transmission of Sensitive Information | |
CVE-2020-14796 | |
Allocation of Resources Without Limits or Throttling | |
Improper Input Validation | |
Improper Data Handling | |
Time-of-check Time-of-use (TOCTOU) | |
Incorrect Conversion between Numeric Types | |
CVE-2016-0402 | |
CVE-2016-0466 | |
CVE-2016-0475 | |
Out-of-bounds Write | |
Information Exposure Through Log Files | |
Out-of-bounds Read | |
CVE-2015-4844 | |
CVE-2015-4883 | |
Information Exposure | |
CVE-2015-4882 | |
CVE-2015-4911 | |
Algorithmic Complexity | |
Information Exposure | |
Incorrect Conversion between Numeric Types | |
CVE-2015-4835 | |
CVE-2015-4868 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2015-4860 | |
Improper Initialization | |
CVE-2015-4881 | |
CVE-2015-4903 | |
Improper Input Validation | |
CVE-2015-4872 | |
Uncaught Exception | |
Uncaught Exception | |
Out-of-Bounds | |
Improper Input Validation | |
CVE-2020-14577 | |
Out-of-Bounds | |
CVE-2020-14556 | |
Improper Certificate Validation | |
Out-of-bounds Write | |
CVE-2015-2621 | |
Improper Check for Certificate Revocation | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
CVE-2015-4733 | |
Missing Release of Resource after Effective Lifetime | |
Covert Timing Channel | |
CVE-2015-2590 | |
Integer Overflow or Wraparound | |
Unsynchronized Access to Shared Data in a Multithreaded Context | |
Insecure Temporary File | |
NULL Pointer Dereference | |
CVE-2015-4731 | |
Use of a Broken or Risky Cryptographic Algorithm | |
Use of a Broken or Risky Cryptographic Algorithm | |
CVE-2015-0470 | |
Directory Traversal | |
Uncaught Exception | |
Off-by-one Error | |
Directory Traversal | |
CVE-2015-0460 | |
CVE-2015-0477 | |
Improperly Implemented Security Check for Standard | |
Out-of-Bounds | |
Uncaught Exception | |
Improper Input Validation | |
CVE-2020-2781 | |
Uncaught Exception | |
Uncaught Exception | |
Uncaught Exception | |
HTTP Response Splitting | |
Uncaught Exception | |
Incorrect Regular Expression | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Encoding Error | |
Allocation of Resources Without Limits or Throttling | |
Modification of Assumed-Immutable Data (MAID) | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Cross-site Scripting (XSS) | |
Uncaught Exception | |
CVE-2019-2945 | |
Uncaught Exception | |
Uncaught Exception | |
Integer Overflow or Wraparound | |
Uncaught Exception | |
Uncaught Exception | |
CVE-2019-2978 | |
Cross-site Scripting (XSS) | |
Insufficiently Protected Credentials | |
NULL Pointer Dereference | |
Improper Input Validation | |
CVE-2019-2762 | |
Covert Timing Channel | |
Allocation of Resources Without Limits or Throttling | |
Improper Input Validation | |
CVE-2019-2786 | |
Out-of-Bounds | |
Information Exposure | |
Out-of-bounds Write | |
CVE-2019-2684 | |
Allocation of Resources Without Limits or Throttling | |