| Cross-site Scripting (XSS) | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Expired Pointer Dereference | |
| Expired Pointer Dereference | |
| Expired Pointer Dereference | |
| Access of Uninitialized Pointer | |
| Access of Uninitialized Pointer | |
| Access of Uninitialized Pointer | |
| Incorrect Privilege Assignment | |
| Out-of-bounds Write | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| Use of Potentially Dangerous Function | |
| Out-of-bounds Write | |
| Use of Out-of-range Pointer Offset | |
| Expired Pointer Dereference | |
| Incorrect Calculation of Buffer Size | |
| Incorrect Calculation of Buffer Size | |
| Improper Handling of File Names | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Incorrect Privilege Assignment | |
| Exposure of Private Information ('Privacy Violation') | |
| Buffer Access with Incorrect Length Value | |
| Incorrect Privilege Assignment | |
| Expected Behavior Violation | |
| Improperly Implemented Security Check for Standard | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Expired Pointer Dereference | |
| Buffer Overflow | |
| Buffer Access with Incorrect Length Value | |
| Undefined Behavior for Input to API | |
| Incorrect Privilege Assignment | |
| Access of Uninitialized Pointer | |
| Access of Uninitialized Pointer | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Exposure of Private Information ('Privacy Violation') | |
| Expired Pointer Dereference | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Use of Out-of-range Pointer Offset | |
| Out-of-bounds Write | |
| Undefined Behavior for Input to API | |
| Allocation of Resources Without Limits or Throttling | |
| Compiler Optimization Removal or Modification of Security-critical Code | |
| Expired Pointer Dereference | |
| HTTP Request Smuggling | |
| Out-of-bounds Write | |
| Compiler Optimization Removal or Modification of Security-critical Code | |
| Out-of-bounds Write | |
| Expired Pointer Dereference | |
| Incorrect Calculation of Buffer Size | |
| Integer Overflow or Wraparound | |
| Use of Out-of-range Pointer Offset | |
| Insufficient Compartmentalization | |
| Expired Pointer Dereference | |
| Integer Overflow or Wraparound | |
| Integer Overflow or Wraparound | |
| Expired Pointer Dereference | |
| Trust Boundary Violation | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Race Condition | |
| Integer Overflow or Wraparound | |
| Expired Pointer Dereference | |
| Out-of-bounds Write | |
| Integer Overflow or Wraparound | |
| NULL Pointer Dereference | |
| Out-of-bounds Write | |
| Arbitrary Code Injection | |
| Expression Language Injection | |
| Arbitrary Code Injection | |
| Improperly Controlled Modification of Dynamically-Determined Object Attributes | |
| Uncaught Exception | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Buffer Access with Incorrect Length Value | |
| Buffer Underflow | |
| Expired Pointer Dereference | |
| Access of Uninitialized Pointer | |
| Expired Pointer Dereference | |
| Out-of-bounds Write | |
| Expired Pointer Dereference | |
| Access of Uninitialized Pointer | |
| Exposure of Private Information ('Privacy Violation') | |
| Integer Overflow or Wraparound | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Incorrect Calculation of Buffer Size | |
| Integer Overflow or Wraparound | |
| Integer Overflow or Wraparound | |
| Out-of-bounds Write | |
| Use of Out-of-range Pointer Offset | |
| Undefined Behavior for Input to API | |
| Buffer Access with Incorrect Length Value | |
| Expired Pointer Dereference | |
| Buffer Overflow | |
| Expired Pointer Dereference | |
| Insufficient Compartmentalization | |
| Undefined Behavior for Input to API | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Compiler Optimization Removal or Modification of Security-critical Code | |
| Incorrect Privilege Assignment | |
| Use of Out-of-range Pointer Offset | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Expired Pointer Dereference | |
| Expired Pointer Dereference | |
| Out-of-bounds Write | |
| HTTP Request Smuggling | |
| Compiler Optimization Removal or Modification of Security-critical Code | |
| Trust Boundary Violation | |
| Out-of-bounds Write | |
| Race Condition | |
| Allocation of Resources Without Limits or Throttling | |
| Unchecked Input for Loop Condition | |
| CVE-2026-2769 | |
| Use After Free | |
| CVE-2026-2788 | |
| Uncaught Exception | |
| Out-of-bounds Write | |
| CVE-2026-2775 | |
| Out-of-bounds Read | |
| CVE-2026-2773 | |
| Integer Overflow or Wraparound | |
| CVE-2026-2447 | |
| CVE-2026-2791 | |
| Allocation of Resources Without Limits or Throttling | |
| CVE-2026-2779 | |
| Out-of-bounds Write | |
| CVE-2026-23865 | |
| Use After Free | |
| Incorrect Behavior Order: Early Validation | |
| Use After Free | |
| Use After Free | |
| Out-of-bounds Read | |
| CVE-2026-0891 | |
| CVE-2026-0890 | |
| CVE-2026-0887 | |
| CVE-2026-0886 | |
| CVE-2026-0885 | |
| CVE-2026-0884 | |
| CVE-2026-0883 | |
| CVE-2026-0882 | |
| CVE-2026-0880 | |
| CVE-2026-0879 | |
| CVE-2026-0878 | |
| CVE-2026-0877 | |
| Authentication Bypass | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| CVE-2026-2791 | |
| CVE-2026-2790 | |
| Use After Free | |
| CVE-2026-2788 | |
| Use After Free | |
| Use After Free | |
| Access of Uninitialized Pointer | |
| CVE-2026-2784 | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| CVE-2026-2782 | |
| Integer Overflow or Wraparound | |
| CVE-2026-2780 | |
| CVE-2026-2779 | |
| CVE-2026-2778 | |
| CVE-2026-2777 | |
| CVE-2026-2776 | |
| CVE-2026-2775 | |
| Integer Overflow or Wraparound | |
| CVE-2026-2773 | |
| Use After Free | |
| CVE-2026-2771 | |
| Use After Free | |
| CVE-2026-2769 | |
| CVE-2026-2768 | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Integer Overflow or Wraparound | |
| CVE-2026-2761 | |
| CVE-2026-2760 | |
| CVE-2026-2759 | |
| Use After Free | |
| CVE-2026-2757 | |
| CVE-2026-2447 | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Buffer Overflow | |
| CRLF Injection | |
| Deserialization of Untrusted Data | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Improper Input Validation | |
| CRLF Injection | |
| Arbitrary Code Injection | |
| CRLF Injection | |
| Arbitrary Command Injection | |
| Arbitrary Command Injection | |
| Improper Neutralization | |
| CVE-2026-0890 | |
| CVE-2026-0887 | |
| NULL Pointer Dereference | |
| CVE-2026-0883 | |
| CVE-2026-0884 | |
| CVE-2026-0882 | |
| CVE-2026-0880 | |
| CVE-2026-0886 | |
| CVE-2026-0877 | |
| CVE-2026-0891 | |
| CVE-2026-0885 | |
| CVE-2026-0879 | |
| CVE-2026-0878 | |
| Authentication Bypass | |
| Out-of-bounds Read | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Origin Validation Error | |
| CVE-2025-14330 | |
| CVE-2025-14329 | |
| CVE-2025-14328 | |
| Arbitrary Code Injection | |
| CVE-2025-14324 | |
| CVE-2025-14323 | |
| CVE-2025-14322 | |
| Use After Free | |
| CVE-2025-14330 | |
| Origin Validation Error | |
| CVE-2025-14328 | |
| CVE-2025-14322 | |
| Arbitrary Code Injection | |
| CVE-2025-14323 | |
| Out-of-bounds Write | |
| CVE-2025-14324 | |
| CVE-2025-14329 | |
| Improper Verification of Source of a Communication Channel | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Read | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Expired Pointer Dereference | |
| Origin Validation Error | |
| Cross-site Scripting (XSS) | |
| Trust Boundary Violation | |
| Out-of-bounds Write | |
| Authentication Bypass | |
| Expired Pointer Dereference | |
| Cross-site Scripting (XSS) | |
| Race Condition | |
| Algorithmic Complexity | |
| Out-of-bounds Read | |
| CVE-2025-11152 | |
| Cross-site Scripting (XSS) | |
| Race Condition | |
| Expired Pointer Dereference | |
| Expired Pointer Dereference | |
| Authentication Bypass | |
| Out-of-bounds Write | |
| Trust Boundary Violation | |
| Origin Validation Error | |
| Cross-site Scripting (XSS) | |
| Allocation of Resources Without Limits or Throttling | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Interpretation Conflict | |
| Improper Access Control | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Out-of-bounds Write | |
| Use After Free | |
| Interpretation Conflict | |
| Use After Free | |
| Out-of-Bounds | |
| Out-of-bounds Write | |
| Out-of-Bounds | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Improper Access Control | |
| CVE-2025-10537 | |
| CVE-2025-10536 | |
| Integer Overflow or Wraparound | |
| Out-of-bounds Read | |
| CVE-2025-10529 | |
| Access of Uninitialized Pointer | |
| Use After Free | |
| Integer Overflow or Wraparound | |
| Access of Uninitialized Pointer | |
| CVE-2025-10537 | |
| Use After Free | |
| CVE-2025-10536 | |
| CVE-2025-10529 | |
| Out-of-bounds Read | |
| Out-of-Bounds | |
| Resource Exhaustion | |
| Improper Initialization | |
| Information Exposure | |
| Out-of-Bounds | |
| Information Exposure Through Caching | |
| Improper Neutralization | |
| Improper Input Validation | |
| Improper Initialization | |
| Out-of-Bounds | |
| Information Exposure | |
| Improper Input Validation | |
| Out-of-Bounds | |
| Integer Overflow or Wraparound | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| NULL Pointer Dereference | |
| Protection Mechanism Failure | |
| Incorrect Default Permissions | |
| Arbitrary Code Injection | |
| Cross-site Scripting (XSS) | |
| Insufficient Protection Against Instruction Skipping Via Fault Injection | |
| Use of Uninitialized Variable | |
| Buffer Over-read | |
| Improper Encoding or Escaping of Output | |
| Out-of-Bounds | |
| NULL Pointer Dereference | |
| Protection Mechanism Failure | |
| Insufficient Protection Against Instruction Skipping Via Fault Injection | |
| Use of Uninitialized Variable | |
| Incorrect Default Permissions | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Out-of-Bounds | |
| Use of Insufficiently Random Values | |
| Numeric Truncation Error | |
| HTTP Request Smuggling | |
| HTTP Request Smuggling | |
| Cross-site Scripting (XSS) | |
| Use of Incorrectly-Resolved Name or Reference | |
| Information Exposure | |
| Use After Free | |
| Improper Input Validation | |
| Out-of-Bounds | |
| Resource Exhaustion | |
| Reachable Assertion | |
| Integer Overflow or Wraparound | |
| Integer Overflow or Wraparound | |
| Integer Overflow or Wraparound | |
| Inefficient Regular Expression Complexity | |
| Double Free | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Encoding or Escaping of Output | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| CVE-2025-48068 | |
| Improper Validation of Unsafe Equivalence in Input | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Encoding or Escaping of Output | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Double Free | |
| Race Condition | |
| Allocation of Resources Without Limits or Throttling | |
| Buffer Overflow | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Insufficient Compartmentalization | |
| Arbitrary Code Injection | |
| Insufficient Compartmentalization | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Arbitrary Code Injection | |
| Buffer Overflow | |
| Incomplete Filtering of Special Elements | |
| Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | |
| Use After Free | |
| Buffer Overflow | |
| Origin Validation Error | |
| Use After Free | |
| Information Exposure | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Information Exposure | |
| Origin Validation Error | |
| Out-of-bounds Write | |
| Uncontrolled Recursion | |
| Buffer Overflow | |
| Buffer Overflow | |
| Improper Check for Unusual or Exceptional Conditions | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Cleanup on Thrown Exception | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-bounds Read | |
| Use After Free | |
| Use After Free | |
| Access of Uninitialized Pointer | |
| Buffer Overflow | |
| Missing Authentication for Critical Function | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Buffer Overflow | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Buffer Overflow | |
| Buffer Overflow | |
| Improper Validation of Specified Quantity in Input | |
| Race Condition | |
| Use After Free | |
| Out-of-Bounds | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Product UI does not Warn User of Unsafe Actions | |
| Improper Validation of Integrity Check Value | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Cross-site Scripting (XSS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Buffer Overflow | |
| Allocation of Resources Without Limits or Throttling | |
| Buffer Overflow | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Use After Free | |
| Open Redirect | |
| Use After Free | |
| Unintended Proxy or Intermediary ('Confused Deputy') | |
| Incorrect Bitwise Shift of Integer | |
| NULL Pointer Dereference | |
| Out-of-bounds Read | |
| Missing Synchronization | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Double Free | |
| Cross-site Scripting (XSS) | |
| Product UI does not Warn User of Unsafe Actions | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Cross-site Scripting (XSS) | |
| Improper Validation of Integrity Check Value | |
| Buffer Overflow | |
| Resource Exhaustion | |
| Out-of-bounds Read | |
| CVE-2024-10941 | |
| Buffer Overflow | |
| Resource Exhaustion | |
| Improper Input Validation | |
| Improper Control of Interaction Frequency | |
| Overly Permissive Cross-domain Whitelist | |
| Improper Handling of Insufficient Permissions or Privileges | |
| Cross-site Scripting (XSS) | |
| Improper Verification of Source of a Communication Channel | |
| Use After Free | |
| Improper Handling of Insufficient Permissions or Privileges | |
| Out-of-bounds Read | |
| Inefficient Regular Expression Complexity | |
| Use After Free | |
| Buffer Overflow | |
| Buffer Overflow | |
| Buffer Overflow | |
| Uncontrolled Memory Allocation | |
| Improper Check for Unusual or Exceptional Conditions | |
| Information Exposure | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-Bounds | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Origin Validation Error | |
| CVE-2024-8900 | |
| Buffer Overflow | |
| Improperly Implemented Security Check for Standard | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-bounds Write | |
| Missing Authorization | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Incorrect Type Conversion or Cast | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use of Uninitialized Resource | |
| Buffer Overflow | |
| Improper Input Validation | |
| Use After Free | |
| Heap-based Buffer Overflow | |
| Improper Input Validation | |
| Use After Free | |
| Heap-based Buffer Overflow | |
| Race Condition | |
| Heap-based Buffer Overflow | |
| Buffer Overflow | |
| Compilation with Insufficient Warnings or Errors | |
| Authentication Bypass | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Incorrect Conversion between Numeric Types | |
| Arbitrary Code Injection | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| The UI Performs the Wrong Action | |
| The UI Performs the Wrong Action | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Use of Uninitialized Variable | |
| Insufficient Verification of Data Authenticity | |
| Resource Exhaustion | |
| Improper Handling of Insufficient Permissions or Privileges | |
| Out-of-bounds Read | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Buffer Overflow | |
| Buffer Overflow | |
| Incorrect Behavior Order: Early Validation | |
| Compilation with Insufficient Warnings or Errors | |
| Information Exposure | |
| Out-of-Bounds | |
| Resource Exhaustion | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Authentication Bypass | |
| Authentication Bypass | |
| Multiple Interpretations of UI Input | |
| Buffer Overflow | |
| Memory Leak | |
| Open Redirect | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Product UI does not Warn User of Unsafe Actions | |
| Improper Handling of Exceptional Conditions | |
| Use After Free | |
| Buffer Overflow | |
| Improper Validation of Specified Type of Input | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Access Control | |
| Covert Timing Channel | |
| Use After Free | |
| Buffer Overflow | |
| Directory Traversal | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Improper Preservation of Permissions | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Product UI does not Warn User of Unsafe Actions | |
| Use After Free | |
| Out-of-Bounds | |
| Use After Free | |
| Buffer Overflow | |
| Truncation of Security-relevant Information | |
| Information Exposure | |
| Buffer Overflow | |
| Buffer Overflow | |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
| Buffer Overflow | |
| Race Condition | |
| Out-of-bounds Read | |
| Improper Handling of Insufficient Permissions or Privileges | |
| Improper Input Validation | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision | |
| Improper Handling of Inconsistent Structural Elements | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Buffer Overflow | |
| Insufficient UI Warning of Dangerous Operations | |
| Improper Handling of Alternate Encoding | |
| Use After Free | |
| Incorrect Type Conversion or Cast | |
| Use After Free | |
| Out-of-bounds Write | |
| Incorrect Synchronization | |
| Cross-site Scripting (XSS) | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Heap-based Buffer Overflow | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Use After Free | |
| Out-of-bounds Write | |
| Use After Free | |
| Buffer Overflow | |
| Arbitrary Code Injection | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| The UI Performs the Wrong Action | |
| Buffer Overflow | |
| Integer Overflow or Wraparound | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Return of Wrong Status Code | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| Buffer Overflow | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Incorrect Type Conversion or Cast | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Arbitrary Code Injection | |
| Exposure of System Data to an Unauthorized Control Sphere | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Preservation of Permissions | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Cross-site Scripting (XSS) | |
| Buffer Overflow | |
| Buffer Overflow | |
| Resource Exhaustion | |
| Buffer Overflow | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Incorrect Regular Expression | |
| CVE-2023-23602 | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Arbitrary Command Injection | |
| Multiple Interpretations of UI Input | |
| Insufficient UI Warning of Dangerous Operations | |
| Use of Unmaintained Third Party Components | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Read | |
| Use After Free | |
| Out-of-bounds Write | |
| Resource Exhaustion | |
| Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Improper Check for Unusual or Exceptional Conditions | |
| Out-of-bounds Write | |
| Buffer Overflow | |
| Use After Free | |
| Buffer Overflow | |
| Information Exposure | |
| Information Exposure | |
| Information Exposure | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Cross-site Scripting (XSS) | |
| Information Exposure | |
| Unquoted Search Path or Element | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Integer Overflow or Wraparound | |
| Use After Free | |
| Out-of-bounds Read | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Resource Exhaustion | |
| Product UI does not Warn User of Unsafe Actions | |
| Use After Free | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Incorrect Permission Assignment for Critical Resource | |
| Buffer Overflow | |
| Buffer Overflow | |
| Inadequate Encryption Strength | |
| Improper Input Validation | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Input Validation | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Time-of-check Time-of-use (TOCTOU) | |
| Use After Free | |
| Use After Free | |
| Use of Uninitialized Resource | |
| Buffer Overflow | |
| Incorrect Calculation | |
| Unrestricted Upload of File with Dangerous Type | |
| Failure to Sanitize Special Element | |
| Reachable Assertion | |
| Out-of-Bounds | |
| Direct Request ('Forced Browsing') | |
| Double Free | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Improperly Implemented Security Check for Standard | |
| Use After Free | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Cross-site Scripting (XSS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Improper Validation of Integrity Check Value | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Information Exposure | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Sensitive Cookie with Improper SameSite Attribute | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Information Exposure | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Use of Uninitialized Variable | |
| Allocation of Resources Without Limits or Throttling | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Buffer Overflow | |
| Null Byte Interaction Error (Poison Null Byte) | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Information Exposure | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Information Exposure | |
| Information Exposure | |
| Use After Free | |
| Improper Input Validation | |
| Buffer Overflow | |
| Information Exposure | |
| Buffer Overflow | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Use After Free | |
| Use After Free | |
| Incorrect Use of Privileged APIs | |
| Integer Overflow or Wraparound | |
| NULL Pointer Dereference | |
| Arbitrary Argument Injection | |
| Improper Preservation of Permissions | |
| Improper Preservation of Permissions | |
| Use After Free | |
| Out-of-bounds Write | |
| Information Exposure | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| NULL Pointer Dereference | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Improper Following of a Certificate's Chain of Trust | |
| Use After Free | |
| Use After Free | |
| Information Exposure | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Write | |
| Use After Free | |
| Open Redirect | |
| Cross-site Scripting (XSS) | |
| Buffer Overflow | |
| Improper Neutralization of Special Elements | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Incorrect Default Permissions | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-bounds Read | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Integer Overflow or Wraparound | |
| Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Execution with Unnecessary Privileges | |
| Use After Free | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Buffer Overflow | |
| Missing Authorization | |
| Reliance on Untrusted Inputs in a Security Decision | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Neutralization of Special Elements | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Buffer Overflow | |
| Cross-site Scripting (XSS) | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Cross-site Scripting (XSS) | |
| Privilege Context Switching Error | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Use After Free | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-Bounds | |
| Information Exposure | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Use After Free | |
| Buffer Overflow | |
| Information Exposure | |
| Improper Input Validation | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-Bounds | |
| Improper Authentication | |
| Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Missing Authorization | |
| Improper Access Control | |
| Improper Access Control | |
| Integer Overflow or Wraparound | |
| Race Condition | |
| Buffer Overflow | |
| Buffer Overflow | |
| Information Exposure | |
| Use After Free | |
| Buffer Overflow | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Out-of-bounds Write | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| Information Exposure | |
| Heap-based Buffer Overflow | |
| Buffer Overflow | |
| Buffer Overflow | |
| Missing Authorization | |
| Integer Overflow or Wraparound | |
| Eval Injection | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Use After Free | |
| Use After Free | |
| Buffer Overflow | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Integer Overflow or Wraparound | |
| Use After Free | |
| Buffer Overflow | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Buffer Overflow | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Use After Free | |
| Download of Code Without Integrity Check | |
| Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Incorrect Authorization | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Arbitrary Command Injection | |
| Out-of-bounds Read | |
| Inclusion of Functionality from Untrusted Control Sphere | |
| Incorrect Authorization | |
| Out-of-bounds Read | |
| Out-of-bounds Read | |
| Use After Free | |
| Out-of-Bounds | |
| Out-of-bounds Read | |
| Out-of-Bounds | |
| Information Exposure | |
| Information Exposure | |
| DEPRECATED: Use of Uninitialized Resource | |
| Use After Free | |
| Use After Free | |
| Error Handling | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Buffer Overflow | |
| Integer Overflow or Wraparound | |
| Improper Cross-boundary Removal of Sensitive Data | |
| Buffer Overflow | |
| Out-of-bounds Write | |
| Buffer Overflow | |
| Buffer Overflow | |
| Out-of-Bounds | |
| Missing Initialization of a Variable | |
| Out-of-bounds Read | |
| Out-of-bounds Read | |
| Heap-based Buffer Overflow | |
| Heap-based Buffer Overflow | |
| Out-of-bounds Read | |
| Improper Input Validation | |
| Out-of-bounds Read | |
| Use After Free | |
| Use After Free | |
| Out-of-bounds Read | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| CVE-2017-5390 | |
| Use After Free | |
| CVE-2017-5386 | |
| Use After Free | |
| Improper Input Validation | |
| Out-of-Bounds | |
| Use After Free | |
| Information Exposure | |
| Use After Free | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Integer Overflow or Wraparound | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Read | |
| Out-of-Bounds | |
| Use After Free | |
| Out-of-Bounds | |
| Incorrect Permission Assignment for Critical Resource | |
| CVE-2017-5455 | |
| Information Exposure | |
| Improper Input Validation | |
| Improper Input Validation | |
| Out-of-bounds Write | |
| Use After Free | |
| Out-of-bounds Read | |
| Improper Validation of Array Index | |
| Out-of-Bounds | |
| Out-of-bounds Write | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Out-of-bounds Write | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Out-of-bounds Read | |
| Stack-based Buffer Overflow | |
| Out-of-bounds Read | |
| Use After Free | |
| Improper Input Validation | |
| Use After Free | |
| Use After Free | |
| Out-of-Bounds | |
| Use After Free | |
| Use After Free | |
| Use After Free | |
