| Link Following | |
| Cross-site Scripting (XSS) | |
| HTTP Request Smuggling | |
| Incorrect Authorization | |
| Incorrect Authorization | |
| Race Condition | |
| Improper Input Validation | |
| Resource Exhaustion | |
| Improper Verification of Cryptographic Signature | |
| Information Exposure | |
| OS Command Injection | |
| Improper Handling of Exceptional Conditions | |
| Use of Uninitialized Variable | |
| Improper Input Validation | |
| Truncation of Security-relevant Information | |
| Resource Exhaustion | |
| Allocation of Resources Without Limits or Throttling | |
| Allocation of Resources Without Limits or Throttling | |
| Incorrect Authorization | |
| Resource Exhaustion | |
| HTTP Response Splitting | |
| CVE-2023-2727 | |
| CVE-2023-2728 | |
| Incorrect Default Permissions | |
| Authentication Bypass by Primary Weakness | |
| Information Exposure | |
| Arbitrary Code Injection | |
| Insecure Default Variable Initialization | |
| Authentication Bypass | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Initialization | |
| Server-Side Request Forgery (SSRF) | |
| Directory Traversal | |
| Authorization Bypass Through User-Controlled Key | |
| Improper Certificate Validation | |
| Improper Preservation of Permissions | |
| Improper Input Validation | |
| Improper Validation of Array Index | |
| Improper Certificate Validation | |
| Improper Input Validation | |
| Link Following | |
| Improper Output Neutralization for Logs | |
| Time-of-check Time-of-use (TOCTOU) | |
| Improper Output Neutralization for Logs | |
| Improper Output Neutralization for Logs | |
| Authentication Bypass | |
| Information Exposure | |
| Resource Exhaustion | |
| Improper Access Control | |
| Information Exposure | |
| Improper Input Validation | |
| Insufficiently Protected Credentials | |
| Information Exposure Through Log Files | |
| Authentication Bypass by Primary Weakness | |
| Link Following | |
| Incorrect Permission Assignment for Critical Resource | |
| Resource Exhaustion | |
| Directory Traversal | |
| Resource Exhaustion | |
| Improper Access Control | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Man-in-the-Middle (MitM) | |
| Open Redirect | |
| Information Exposure | |
| Placement of User into Incorrect Group | |
| File and Directory Information Exposure | |
| Algorithmic Complexity | |
| CVE-2022-41715 | |
| Allocation of Resources Without Limits or Throttling | |
| HTTP Request Smuggling | |
| Directory Traversal | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Improperly Controlled Sequential Memory Allocation | |
| Improper Input Validation | |
| Insufficient Entropy | |
| Improper Privilege Management | |
| Missing Release of Resource after Effective Lifetime | |
| Use of a Broken or Risky Cryptographic Algorithm | |
| Resource Exhaustion | |
| Unchecked Return Value | |
| Incorrect Authorization | |
| Integer Overflow or Wraparound | |
| Information Exposure | |
| Resource Exhaustion | |
| Improper Input Validation | |
| Improper Input Validation | |
| Resource Exhaustion | |
| Race Condition | |
| Improper Input Validation | |
| Resource Exhaustion | |
| Improper Input Validation | |
| Improper Input Validation | |
| Incorrect Calculation | |
| NULL Pointer Dereference | |
| Improper Certificate Validation | |
| Race Condition | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| HTTP Request Smuggling | |
| Resource Exhaustion | |
| Resource Exhaustion | |
| Improper Input Validation | |
| Resource Exhaustion | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Improper Input Validation | |
| Loop with Unreachable Exit Condition ('Infinite Loop') | |
| Improper Handling of Length Parameter Inconsistency | |
| Use After Free | |
