Access of Resource Using Incompatible Type ('Type Confusion') | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Improperly Implemented Security Check for Standard | |
Incorrect Type Conversion or Cast | |
Out-of-bounds Write | |
Missing Authorization | |
Buffer Overflow | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Exposure of System Data to an Unauthorized Control Sphere | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use After Free | |
Out-of-bounds Write | |
Use After Free | |
CVE-2024-7529 | |
Use After Free | |
Out-of-bounds Read | |
Cross-site Scripting (XSS) | |
Use of Uninitialized Resource | |
Improper Privilege Management | |
CVE-2024-7518 | |
Out-of-Bounds | |
Improper Preservation of Permissions | |
Buffer Overflow | |
Improper Input Validation | |
Buffer Overflow | |
Improper Access Control | |
Use After Free | |
Covert Timing Channel | |
Improper Validation of Specified Type of Input | |
Inclusion of Functionality from Untrusted Control Sphere | |
Use After Free | |
Integer Overflow or Wraparound | |
Improper Check for Unusual or Exceptional Conditions | |
User Interface (UI) Misrepresentation of Critical Information | |
Improper Cross-boundary Removal of Sensitive Data | |
Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Use After Free | |
Resource Exhaustion | |
Use After Free | |
Out-of-bounds Read | |
Integer Overflow or Wraparound | |
Use After Free | |
Buffer Overflow | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Product UI does not Warn User of Unsafe Actions | |
Arbitrary Code Injection | |
The UI Performs the Wrong Action | |
Information Exposure | |
Use After Free | |
Integer Overflow or Wraparound | |
CVE-2024-2616 | |
Cross-site Scripting (XSS) | |
Buffer Overflow | |
Register Interface Allows Software Access to Sensitive Data or Security Settings | |
Incorrect Conversion between Numeric Types | |
Arbitrary Code Injection | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Out-of-bounds Read | |
The UI Performs the Wrong Action | |
The UI Performs the Wrong Action | |
Resource Exhaustion | |
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') | |
Improper Restriction of Rendered UI Layers or Frames | |
Out-of-bounds Write | |
Improper Restriction of Rendered UI Layers or Frames | |
Unchecked Return Value | |
Improper Input Validation | |
Improper Restriction of Rendered UI Layers or Frames | |
Inadequate Encryption Strength | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Improper Input Validation | |
Information Exposure | |
Heap-based Buffer Overflow | |
Improper Input Validation | |
Improper Input Validation | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Use of Uninitialized Resource | |
Race Condition | |
Heap-based Buffer Overflow | |
Buffer Overflow | |
Heap-based Buffer Overflow | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Directory Traversal | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Out-of-bounds Read | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Product UI does not Warn User of Unsafe Actions | |
Multiple Interpretations of UI Input | |
Open Redirect | |
Memory Leak | |
Improper Handling of Exceptional Conditions | |
Out-of-Bounds | |
Heap-based Buffer Overflow | |
Buffer Overflow | |
Use After Free | |
Out-of-bounds Write | |
Heap-based Buffer Overflow | |
Resource Exhaustion | |
Information Exposure | |
Use After Free | |
Compilation with Insufficient Warnings or Errors | |
Use After Free | |
Use After Free | |
Buffer Overflow | |
Out-of-Bounds | |
Buffer Overflow | |
Incorrect Behavior Order: Early Validation | |
Authentication Bypass | |
Authentication Bypass | |
Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
Buffer Overflow | |
Improper Handling of Insufficient Permissions or Privileges | |
Race Condition | |
Out-of-bounds Read | |
Improper Input Validation | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Buffer Overflow | |
Use After Free | |
Authentication Bypass | |
Use After Free | |
Compilation with Insufficient Warnings or Errors | |
Use After Free | |
Buffer Overflow | |
Resource Exhaustion | |
Buffer Overflow | |
The UI Performs the Wrong Action | |
Buffer Overflow | |
Improper Handling of Insufficient Permissions or Privileges | |
User Interface (UI) Misrepresentation of Critical Information | |
Use of Uninitialized Variable | |
Out-of-bounds Read | |
Insufficient Verification of Data Authenticity | |
Resource Exhaustion | |
Double Free | |
Incorrect Calculation | |
Direct Request ('Forced Browsing') | |
Failure to Sanitize Special Element | |
Unrestricted Upload of File with Dangerous Type | |
Buffer Overflow | |
Reachable Assertion | |
Out-of-Bounds | |
Out-of-Bounds | |
Inefficient Regular Expression Complexity | |
Inclusion of Functionality from Untrusted Control Sphere | |
Incorrect Type Conversion or Cast | |
Out-of-bounds Read | |
Buffer Overflow | |
Arbitrary Code Injection | |
Use After Free | |
Improper Handling of Alternate Encoding | |
Insufficient UI Warning of Dangerous Operations | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Use After Free | |
Incorrect Type Conversion or Cast | |
Incorrect Synchronization | |
Out-of-bounds Write | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
CVE-2023-23602 | |
Inclusion of Functionality from Untrusted Control Sphere | |
Incorrect Regular Expression | |
Arbitrary Command Injection | |
Use of Unmaintained Third Party Components | |
Multiple Interpretations of UI Input | |
Insufficient UI Warning of Dangerous Operations | |
Buffer Overflow | |
Out-of-Bounds | |
Out-of-bounds Read | |
Truncation of Security-relevant Information | |
Out-of-Bounds | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Information Exposure | |
Use After Free | |
Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Information Exposure | |
Improper Restriction of Rendered UI Layers or Frames | |
Information Exposure | |
Improper Restriction of Rendered UI Layers or Frames | |
Sensitive Cookie with Improper SameSite Attribute | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Use After Free | |
Cross-site Scripting (XSS) | |
Use After Free | |
Resource Exhaustion | |
Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Handling of Inconsistent Structural Elements | |
Improper Restriction of Rendered UI Layers or Frames | |
Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
Buffer Overflow | |
Product UI does not Warn User of Unsafe Actions | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Cross-site Scripting (XSS) | |
Buffer Overflow | |
Return of Wrong Status Code | |
Integer Overflow or Wraparound | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Cross-site Scripting (XSS) | |
Use After Free | |
Cross-site Scripting (XSS) | |
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
Cross-site Scripting (XSS) | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Allocation of Resources Without Limits or Throttling | |
Use of Uninitialized Variable | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Inclusion of Functionality from Untrusted Control Sphere | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Resource Exhaustion | |
Buffer Overflow | |
Exposure of System Data to an Unauthorized Control Sphere | |
Reliance on Cookies without Validation and Integrity Checking | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Preservation of Permissions | |
Improper Restriction of Rendered UI Layers or Frames | |
Out-of-bounds Write | |
Out-of-bounds Read | |
Buffer Overflow | |
Use After Free | |
Resource Exhaustion | |
Use After Free | |
Use After Free | |
Time-of-check Time-of-use (TOCTOU) | |
Improper Preservation of Permissions | |
The UI Performs the Wrong Action | |
Use After Free | |
Incorrect Behavior Order: Early Validation | |
Use After Free | |
Use After Free | |
Use After Free | |
Buffer Overflow | |
Incorrect Behavior Order: Early Validation | |
Resource Exhaustion | |
Integer Overflow or Wraparound | |
Inappropriate Encoding for Output Context | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Arbitrary Code Injection | |
Improper Restriction of Rendered UI Layers or Frames | |
Inclusion of Functionality from Untrusted Control Sphere | |
Inclusion of Functionality from Untrusted Control Sphere | |
Inclusion of Functionality from Untrusted Control Sphere | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Integer Overflow or Wraparound | |
Incorrect Calculation | |
Integer Overflow or Wraparound | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Restriction of Rendered UI Layers or Frames | |
Buffer Overflow | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
NULL Pointer Dereference | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Cross-site Scripting (XSS) | |
Loop with Unreachable Exit Condition ('Infinite Loop') | |
Buffer Overflow | |
Unquoted Search Path or Element | |
Improper Restriction of Rendered UI Layers or Frames | |
Information Exposure | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Inclusion of Functionality from Untrusted Control Sphere | |
Incorrect Permission Assignment for Critical Resource | |
Improper Restriction of Rendered UI Layers or Frames | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Buffer Overflow | |
Improper Restriction of Rendered UI Layers or Frames | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Information Exposure | |
Out-of-Bounds | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Out-of-Bounds | |
Time-of-check Time-of-use (TOCTOU) | |
Use After Free | |
Use of Uninitialized Resource | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Improper Cross-boundary Removal of Sensitive Data | |
Improper Validation of Integrity Check Value | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Improperly Implemented Security Check for Standard | |
Use After Free | |
User Interface (UI) Misrepresentation of Critical Information | |
Use After Free | |
Cross-site Scripting (XSS) | |
Cross-site Scripting (XSS) | |
Open Redirect | |
Use After Free | |
Cross-site Scripting (XSS) | |
Buffer Overflow | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Use After Free | |
Incorrect Use of Privileged APIs | |
Improper Following of a Certificate's Chain of Trust | |
Buffer Overflow | |
Information Exposure | |
CVE-2020-6514 | |
Information Exposure | |
Out-of-Bounds | |
Use After Free | |
Use After Free | |
Buffer Overflow | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Files or Directories Accessible to External Parties | |
Use After Free | |
Use After Free | |
Buffer Overflow | |
Buffer Overflow | |
Use After Free | |
Out-of-bounds Write | |
NULL Pointer Dereference | |
Arbitrary Argument Injection | |
Information Exposure | |
Integer Overflow or Wraparound | |
Information Exposure | |
Null Byte Interaction Error (Poison Null Byte) | |
Improper Preservation of Permissions | |
Use After Free | |
Buffer Overflow | |
Use After Free | |
Improper Preservation of Permissions | |
Buffer Overflow | |
Improper Input Validation | |
Out-of-Bounds | |
Inclusion of Functionality from Untrusted Control Sphere | |
Out-of-bounds Read | |
Buffer Overflow | |
Information Exposure | |
Information Exposure | |
Out-of-bounds Read | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use After Free | |
Buffer Overflow | |
Buffer Overflow | |
Out-of-bounds Write | |
Out-of-Bounds | |
Buffer Overflow | |
Use After Free | |
Out-of-bounds Write | |
Information Exposure | |
Buffer Overflow | |
Information Exposure | |
Improper Restriction of Rendered UI Layers or Frames | |
Cross-site Scripting (XSS) | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Use After Free | |
Out-of-bounds Read | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Information Exposure | |
Buffer Overflow | |
Buffer Overflow | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Information Exposure | |
Use After Free | |
Information Exposure | |
Buffer Overflow | |
Use After Free | |
Use After Free | |
Improper Input Validation | |
Buffer Overflow | |
Use After Free | |
Improper Neutralization of Special Elements | |
Use After Free | |
User Interface (UI) Misrepresentation of Critical Information | |
User Interface (UI) Misrepresentation of Critical Information | |
Information Exposure | |
Incorrect Default Permissions | |
Out-of-bounds Read | |
User Interface (UI) Misrepresentation of Critical Information | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Integer Overflow or Wraparound | |
Resource Exhaustion | |
Heap-based Buffer Overflow | |
Use After Free | |
Buffer Overflow | |
Buffer Overflow | |
Heap-based Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Exposed Dangerous Method or Function | |
Cross-site Scripting (XSS) | |
Buffer Overflow | |
Use After Free | |
Buffer Overflow | |
Missing Authorization | |
Inclusion of Functionality from Untrusted Control Sphere | |
Cross-site Scripting (XSS) | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use After Free | |
Execution with Unnecessary Privileges | |
Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improperly Implemented Security Check for Standard | |
Information Exposure | |
Incorrect Permission Assignment for Critical Resource | |
Improperly Implemented Security Check for Standard | |
Reliance on Untrusted Inputs in a Security Decision | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Privilege Context Switching Error | |
Use After Free | |
Buffer Overflow | |
Cross-site Scripting (XSS) | |
Improper Cross-boundary Removal of Sensitive Data | |
Inclusion of Functionality from Untrusted Control Sphere | |
Inclusion of Functionality from Untrusted Control Sphere | |
Improper Neutralization of Special Elements | |
Resource Exhaustion | |
Inclusion of Functionality from Untrusted Control Sphere | |
Unsynchronized Access to Shared Data in a Multithreaded Context | |
Buffer Overflow | |
Use After Free | |
Use After Free | |
Inclusion of Functionality from Untrusted Control Sphere | |
Buffer Overflow | |
Inclusion of Functionality from Untrusted Control Sphere | |
Use After Free | |
Out-of-bounds Read | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Information Exposure | |
Out-of-Bounds | |
Information Exposure | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Out-of-Bounds | |
Information Exposure | |
Use After Free | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Use After Free | |
Buffer Overflow | |
Access of Resource Using Incompatible Type ('Type Confusion') | |
Improperly Implemented Security Check for Standard | |
Authentication Bypass | |
Improper Access Control | |
Files or Directories Accessible to External Parties | |
User Interface (UI) Misrepresentation of Critical Information | |
Session Fixation | |
Untrusted Search Path | |
Improperly Implemented Security Check for Standard | |
User Interface (UI) Misrepresentation of Critical Information | |
Deserialization of Untrusted Data | |
Out-of-bounds Read | |
Inclusion of Functionality from Untrusted Control Sphere | |
Encoding Error | |
Improper Authorization | |
Encoding Error | |
Improper Authorization | |
Improper Cross-boundary Removal of Sensitive Data | |
Improperly Implemented Security Check for Standard | |
Improper Cross-boundary Removal of Sensitive Data | |
Information Exposure | |
Improper Neutralization of Special Elements | |
Unsynchronized Access to Shared Data in a Multithreaded Context | |
Improper Input Validation | |
Improper Input Validation | |
Authentication Bypass | |
Improper Input Validation | |
Improper Input Validation | |
Product UI does not Warn User of Unsafe Actions | |
Improper Access Control | |