Improper Output Neutralization for Logs
| |
Out-of-bounds Write
| |
Reliance on Reverse DNS Resolution for a Security-Critical Action
| |
Uncontrolled Memory Allocation
| |
Integer Overflow or Wraparound
| |
Improper Input Validation
| |
Covert Timing Channel
| |
Information Exposure Through Log Files
| |
Improper Input Validation
| |
Improper Input Validation
| |
Integer Overflow or Wraparound
| |
Improper Certificate Validation
| |
Loop with Unreachable Exit Condition ('Infinite Loop')
| |
Small Space of Random Values
| |
Out-of-bounds Read
| |
Directory Traversal
| |
Directory Traversal
| |
Improper Input Validation
| |
Improperly Implemented Security Check for Standard
| |
Improper Input Validation
| |
Improper Neutralization of Null Byte or NUL Character
| |
Information Exposure
| |
Improper Neutralization of Null Byte or NUL Character
| |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
| |
Allocation of Resources Without Limits or Throttling
| |
Resource Exhaustion
| |
Reliance on File Name or Extension of Externally-Supplied File
| |
Authentication Bypass
| |
Allocation of Resources Without Limits or Throttling
| |
Resource Exhaustion
| |
Use of Insufficiently Random Values
| |
Integer Coercion Error
| |
Buffer Overflow
| |
Integer Coercion Error
| |
Improper Access Control
| |
Resource Leak
| |
Improper Use of Validation Framework
| |
Incorrect Behavior Order: Early Validation
| |
Integer Underflow
| |
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
| |
Resource Exhaustion
| |
Allocation of Resources Without Limits or Throttling
| |
Integer Overflow or Wraparound
| |
Allocation of Resources Without Limits or Throttling
| |
Improper Use of Validation Framework
| |
Allocation of Resources Without Limits or Throttling
| |
Integer Overflow or Wraparound
| |
Loop with Unreachable Exit Condition ('Infinite Loop')
| |
Improper Authorization
| |
Allocation of Resources Without Limits or Throttling
| |
Improper Use of Validation Framework
| |
Out-of-bounds Write
| |
Uncaught Exception
| |
Improper Cross-boundary Removal of Sensitive Data
| |
Allocation of Resources Without Limits or Throttling
| |
Deserialization of Untrusted Data
| |
Information Exposure
| |
NULL Pointer Dereference
| |
Allocation of Resources Without Limits or Throttling
| |
Loop with Unreachable Exit Condition ('Infinite Loop')
| |
Incorrect Authorization
| |
Improper Input Validation
| |
Allocation of Resources Without Limits or Throttling
| |
Allocation of Resources Without Limits or Throttling
| |
Allocation of Resources Without Limits or Throttling
| |
Use of a Broken or Risky Cryptographic Algorithm
| |
CVE-2018-3150
| |
Untrusted Search Path
| |
Information Exposure
| |
Improper Access Control
| |
Improper Certificate Validation
| |
Improper Verification of Cryptographic Signature
| |
Improper Access Control
| |
Information Exposure
| |
Improper Verification of Cryptographic Signature
| |
Insufficient Comparison
| |
Use of a Broken or Risky Cryptographic Algorithm
| |
Integer Overflow or Wraparound
| |
Improper Certificate Validation
| |
Cleartext Transmission of Sensitive Information
| |
CVE-2020-14796
| |
Allocation of Resources Without Limits or Throttling
| |
Improper Input Validation
| |
Time-of-check Time-of-use (TOCTOU)
| |
CVE-2020-14573
| |
Allocation of Resources Without Limits or Throttling
| |
Out-of-Bounds
| |
Improper Input Validation
| |
CVE-2020-14577
| |
Out-of-Bounds
| |
CVE-2020-14556
| |
Use of a Broken or Risky Cryptographic Algorithm
| |
Out-of-Bounds
| |
Uncaught Exception
| |
Improperly Implemented Security Check for Standard
| |
Improper Input Validation
| |
Improperly Implemented Security Check for Standard
| |
CVE-2020-2781
| |
Uncaught Exception
| |
Uncaught Exception
| |
Uncaught Exception
| |
HTTP Response Splitting
| |
Uncaught Exception
| |
Incorrect Regular Expression
| |
Use of a Broken or Risky Cryptographic Algorithm
| |
Encoding Error
| |
Allocation of Resources Without Limits or Throttling
| |
Modification of Assumed-Immutable Data (MAID)
| |
Improper Enforcement of Behavioral Workflow
| |
Improper Input Validation
| |
Allocation of Resources Without Limits or Throttling
| |
Allocation of Resources Without Limits or Throttling
| |
Cross-site Scripting (XSS)
| |
Uncaught Exception
| |
Out-of-bounds Read
| |
CVE-2019-2945
| |
Uncaught Exception
| |
Uncaught Exception
| |
Integer Overflow or Wraparound
| |
Uncaught Exception
| |
Uncaught Exception
| |
CVE-2019-2978
| |
Cross-site Scripting (XSS)
| |
Insufficiently Protected Credentials
| |
NULL Pointer Dereference
| |
Improper Input Validation
| |
Improperly Implemented Security Check for Standard
| |
Covert Timing Channel
| |
CVE-2019-2762
| |
Covert Timing Channel
| |
Allocation of Resources Without Limits or Throttling
| |
Improper Input Validation
| |
CVE-2019-2786
| |
Information Exposure
| |
CVE-2019-2684
| |
Allocation of Resources Without Limits or Throttling
| |