| Incorrect Type Conversion or Cast | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Use After Free | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Buffer Overflow | |
| Improperly Implemented Security Check for Standard | |
| Out-of-bounds Write | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Integer Overflow or Wraparound | |
| Integer Overflow or Wraparound | |
| Integer Overflow or Wraparound | |
| CVE-2024-7529 | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-bounds Write | |
| Use After Free | |
| Improper Privilege Management | |
| Use of Uninitialized Resource | |
| Use After Free | |
| Out-of-bounds Read | |
| CVE-2024-7518 | |
| Use After Free | |
| Improper Preservation of Permissions | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Use After Free | |
| Improper Validation of Specified Type of Input | |
| Use After Free | |
| Covert Timing Channel | |
| Improper Access Control | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Input Validation | |
| Buffer Overflow | |
| Integer Overflow or Wraparound | |
| Improper Cross-boundary Removal of Sensitive Data | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use After Free | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Check for Unusual or Exceptional Conditions | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Integer Overflow or Wraparound | |
| Use After Free | |
| Out-of-bounds Read | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Product UI does not Warn User of Unsafe Actions | |
| Resource Exhaustion | |
| Buffer Overflow | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| CVE-2024-2616 | |
| The UI Performs the Wrong Action | |
| Register Interface Allows Software Access to Sensitive Data or Security Settings | |
| Integer Overflow or Wraparound | |
| Unchecked Return Value | |
| Information Exposure | |
| Missing Encryption of Sensitive Data | |
| Incorrect Conversion between Numeric Types | |
| Arbitrary Code Injection | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| The UI Performs the Wrong Action | |
| Out-of-bounds Read | |
| The UI Performs the Wrong Action | |
| Buffer Overflow | |
| Resource Exhaustion | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Input Validation | |
| Improper Input Validation | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Inadequate Encryption Strength | |
| Information Exposure | |
| Improper Verification of Cryptographic Signature | |
| Improper Verification of Cryptographic Signature | |
| Heap-based Buffer Overflow | |
| Improper Input Validation | |
| Heap-based Buffer Overflow | |
| Use After Free | |
| Improper Input Validation | |
| Use After Free | |
| Buffer Overflow | |
| Race Condition | |
| Heap-based Buffer Overflow | |
| Use After Free | |
| Directory Traversal | |
| Out-of-bounds Read | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Product UI does not Warn User of Unsafe Actions | |
| Multiple Interpretations of UI Input | |
| Open Redirect | |
| Memory Leak | |
| Improper Handling of Exceptional Conditions | |
| Out-of-Bounds | |
| Heap-based Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Out-of-bounds Write | |
| Heap-based Buffer Overflow | |
| Resource Exhaustion | |
| Information Exposure | |
| Use After Free | |
| Compilation with Insufficient Warnings or Errors | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Incorrect Behavior Order: Early Validation | |
| Authentication Bypass | |
| Authentication Bypass | |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
| Buffer Overflow | |
| Improper Handling of Insufficient Permissions or Privileges | |
| Race Condition | |
| Out-of-bounds Read | |
| Improper Input Validation | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Buffer Overflow | |
| Unrestricted Upload of File with Dangerous Type | |
| Use After Free | |
| Authentication Bypass | |
| Use After Free | |
| Compilation with Insufficient Warnings or Errors | |
| Use After Free | |
| Buffer Overflow | |
| Resource Exhaustion | |
| Buffer Overflow | |
| The UI Performs the Wrong Action | |
| Buffer Overflow | |
| Improper Handling of Insufficient Permissions or Privileges | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use of Uninitialized Variable | |
| Out-of-bounds Read | |
| Insufficient Verification of Data Authenticity | |
| Resource Exhaustion | |
| Double Free | |
| Resource Exhaustion | |
| Product UI does not Warn User of Unsafe Actions | |
| Incorrect Calculation | |
| Direct Request ('Forced Browsing') | |
| Failure to Sanitize Special Element | |
| Unrestricted Upload of File with Dangerous Type | |
| Buffer Overflow | |
| Reachable Assertion | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Incorrect Type Conversion or Cast | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Arbitrary Code Injection | |
| The UI Performs the Wrong Action | |
| Use After Free | |
| Improper Handling of Alternate Encoding | |
| Insufficient UI Warning of Dangerous Operations | |
| Buffer Overflow | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Incorrect Type Conversion or Cast | |
| Incorrect Synchronization | |
| Out-of-bounds Write | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Check for Certificate Revocation | |
| Buffer Overflow | |
| CVE-2023-23602 | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Incorrect Regular Expression | |
| Arbitrary Command Injection | |
| Use of Unmaintained Third Party Components | |
| Multiple Interpretations of UI Input | |
| Insufficient UI Warning of Dangerous Operations | |
| Out-of-bounds Read | |
| Truncation of Security-relevant Information | |
| Out-of-Bounds | |
| Use After Free | |
| Buffer Overflow | |
| Use After Free | |
| Information Exposure | |
| Information Exposure | |
| Use After Free | |
| Buffer Overflow | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Information Exposure | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Information Exposure | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Sensitive Cookie with Improper SameSite Attribute | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Resource Exhaustion | |
| Buffer Overflow | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Improper Input Validation | |
| Improper Authentication | |
| Improper Authentication | |
| Improper Authentication | |
| Use After Free | |
| Buffer Overflow | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Handling of Inconsistent Structural Elements | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
| Expected Behavior Violation | |
| Improper Restriction of Rendered UI Layers or Frames | |
| The UI Performs the Wrong Action | |
| Information Exposure | |
| Buffer Overflow | |
| Product UI does not Warn User of Unsafe Actions | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Cross-site Scripting (XSS) | |
| Buffer Overflow | |
| Insufficient UI Warning of Dangerous Operations | |
| Return of Wrong Status Code | |
| Integer Overflow or Wraparound | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Cross-site Scripting (XSS) | |
| Acceptance of Extraneous Untrusted Data With Trusted Data | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Allocation of Resources Without Limits or Throttling | |
| Use of Uninitialized Variable | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Improper Use of Validation Framework | |
| Information Exposure | |
| Resource Exhaustion | |
| Buffer Overflow | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Preservation of Permissions | |
| Resource Exhaustion | |
| Open Redirect | |
