Out-of-bounds Write | |
Integer Overflow or Wraparound | |
Improper Output Neutralization for Logs | |
Uncontrolled Memory Allocation | |
Improper Input Validation | |
Covert Timing Channel | |
Improper Input Validation | |
Information Exposure Through Log Files | |
Improper Input Validation | |
Integer Overflow or Wraparound | |
Improper Certificate Validation | |
Deserialization of Untrusted Data | |
Out-of-bounds Read | |
Directory Traversal | |
Improper Input Validation | |
Improperly Implemented Security Check for Standard | |
Improper Input Validation | |
Improper Neutralization of Null Byte or NUL Character | |
Information Exposure | |
Improper Neutralization of Null Byte or NUL Character | |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel | |
Reliance on File Name or Extension of Externally-Supplied File | |
Deserialization of Untrusted Data | |
Allocation of Resources Without Limits or Throttling | |
Resource Exhaustion | |
Use of Insufficiently Random Values | |
Integer Coercion Error | |
Integer Coercion Error | |
Improper Access Control | |
Resource Leak | |
CVE-2017-10176 | |
Covert Timing Channel | |
Improper Use of Validation Framework | |
Incorrect Behavior Order: Early Validation | |
Integer Underflow | |
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') | |
Resource Exhaustion | |
Integer Overflow or Wraparound | |
Allocation of Resources Without Limits or Throttling | |
Improper Use of Validation Framework | |
Allocation of Resources Without Limits or Throttling | |
Integer Overflow or Wraparound | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Improper Authorization | |
Allocation of Resources Without Limits or Throttling | |
Improper Use of Validation Framework | |
Uncaught Exception | |
Improper Cross-boundary Removal of Sensitive Data | |
Deserialization of Untrusted Data | |
Information Exposure | |
Improper Input Validation | |
NULL Pointer Dereference | |
Allocation of Resources Without Limits or Throttling | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Incorrect Authorization | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Untrusted Search Path | |
Information Exposure | |
Improper Access Control | |
Improper Certificate Validation | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Improper Verification of Cryptographic Signature | |
Improper Access Control | |
Information Exposure | |
Improper Verification of Cryptographic Signature | |
Insufficient Comparison | |
Allocation of Resources Without Limits or Throttling | |
Sensitive Information Uncleared Before Release | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
CVE-2018-2814 | |
Allocation of Resources Without Limits or Throttling | |
Deserialization of Untrusted Data | |
CVE-2018-2800 | |
Allocation of Resources Without Limits or Throttling | |
Improper Verification of Cryptographic Signature | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Unsynchronized Access to Shared Data in a Multithreaded Context | |
Untrusted Search Path | |
Deserialization of Untrusted Data | |
CVE-2018-2582 | |
Improper Access Control | |
Improper Input Validation | |
Use After Free | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Use of Insufficiently Random Values | |
Improper Input Validation | |
LDAP Injection | |
Use After Free | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10355 | |
Insufficient Verification of Data Authenticity | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10274 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10346 | |
CVE-2017-10285 | |
HTTP Response Splitting | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
CVE-2017-10096 | |
CVE-2017-10090 | |
CVE-2017-10067 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10110 | |
CVE-2017-10101 | |
Covert Timing Channel | |
CVE-2017-10102 | |
CVE-2017-10193 | |
CVE-2017-10107 | |
CVE-2017-10198 | |
CVE-2017-10078 | |
CVE-2017-10116 | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-10081 | |
CVE-2017-10243 | |
Allocation of Resources Without Limits or Throttling | |
Integer Overflow or Wraparound | |
Out-of-Bounds | |
CVE-2017-10087 | |
CVE-2017-10089 | |
Covert Timing Channel | |
Improper Input Validation | |
Use of a Broken or Risky Cryptographic Algorithm | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Improper Authentication | |
Untrusted Search Path | |
Allocation of Resources Without Limits or Throttling | |
CVE-2017-3272 | |
Information Exposure | |
Integer Overflow or Wraparound | |
CVE-2017-3289 | |
Deserialization of Untrusted Data | |
Improper Input Validation | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Covert Timing Channel | |
Improper Input Validation | |
Integer Overflow or Wraparound | |
Improper Certificate Validation | |
Cleartext Transmission of Sensitive Information | |
CVE-2020-14796 | |
Allocation of Resources Without Limits or Throttling | |
Improper Input Validation | |
Time-of-check Time-of-use (TOCTOU) | |
Uncaught Exception | |
Uncaught Exception | |
Out-of-Bounds | |
Improper Input Validation | |
CVE-2020-14577 | |
Out-of-Bounds | |
CVE-2020-14556 | |
Out-of-Bounds | |
Uncaught Exception | |
Improper Input Validation | |
CVE-2020-2781 | |
Uncaught Exception | |
Uncaught Exception | |
Uncaught Exception | |
HTTP Response Splitting | |
Uncaught Exception | |
Incorrect Regular Expression | |
Allocation of Resources Without Limits or Throttling | |
Use of a Broken or Risky Cryptographic Algorithm | |
Encoding Error | |
Allocation of Resources Without Limits or Throttling | |
Modification of Assumed-Immutable Data (MAID) | |
Improper Input Validation | |
Allocation of Resources Without Limits or Throttling | |
Allocation of Resources Without Limits or Throttling | |
Cross-site Scripting (XSS) | |
Uncaught Exception | |
CVE-2019-2945 | |
Uncaught Exception | |
Uncaught Exception | |
Integer Overflow or Wraparound | |
Uncaught Exception | |
Uncaught Exception | |
CVE-2019-2978 | |
Cross-site Scripting (XSS) | |
Insufficiently Protected Credentials | |
NULL Pointer Dereference | |
Improper Input Validation | |
CVE-2019-2762 | |
Covert Timing Channel | |
Allocation of Resources Without Limits or Throttling | |
Improper Input Validation | |
CVE-2019-2786 | |
Out-of-Bounds | |
Information Exposure | |
Out-of-bounds Write | |
CVE-2019-2684 | |
Allocation of Resources Without Limits or Throttling | |