| Information Exposure | |
| Improper Authorization | |
| Use After Free | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Cross-site Scripting (XSS) | |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | |
| Out-of-bounds Write | |
| Use After Free | |
| Use After Free | |
| Origin Validation Error | |
| Information Exposure | |
| Off-by-one Error | |
| Integer Overflow or Wraparound | |
| Buffer Overflow | |
| Use of Uninitialized Resource | |
| Denial of Service (DoS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-Bounds | [,115.27)[128.0,128.14)[140.0,140.2) |
| Origin Validation Error | [,115.27)[128.0,128.14)[140.0,140.2) |
| Out-of-Bounds | |
| Out-of-Bounds | [,115.27)[128.0,128.14)[140.0,140.2) |
| Out-of-Bounds | [,115.26)[128.0,128.13)[140.1-b1,140.1) |
| Incorrect Calculation of Buffer Size | [,128.13)[140.0-b1,140.1) |
| Improper Encoding or Escaping of Output | [,128.13)[140.0-b1,140.1) |
| Information Exposure | [,128.13)[140.0-b1,140.1) |
| Origin Validation Error | |
| Protection Mechanism Failure | [,128.13)[140.0-b1,140.1) |
| Arbitrary Code Injection | [,128.13)[140.0-b1,140.1) |
| Out-of-Bounds | [,115.26)[128.0,128.13)[140.1-b1,140.1) |
| NULL Pointer Dereference | [,115.26)[128.0,128.13)[140.1-b1,140.1) |
| Out-of-Bounds | [,128.13)[141.0-b1,141.0) |
| Improper Authentication | |
| Out-of-Bounds | |
| Improper Input Validation | |
| Information Exposure | |
| Use After Free | [,115.25)[128.0-esr,128.12) |
| Cross-site Request Forgery (CSRF) | |
| Cross-site Scripting (XSS) | |
| Exposure of Resource to Wrong Sphere | |
| Information Exposure | [,115.25)[128.0-esr,128.12) |
| Out-of-bounds Write | |
| Arbitrary Command Injection | |
| Unsafe Dependency Resolution | |
| Out-of-Bounds | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Arbitrary Code Injection | |
| Origin Validation Error | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | |
| Arbitrary Code Injection | [,115.23)[120.0b1,128.10) |
| Out-of-bounds Read | [,115.23)[120.0b1,128.10) |
| Improper Isolation or Compartmentalization | [,115.23)[120.0b1,128.10) |
| Improper Encoding or Escaping of Output | [,115.23)[120.0b1,128.10) |
| Out-of-bounds Read | |
| Out-of-bounds Write | [,115.23.1)[120.0b1,128.10.1) |
| Out-of-bounds Write | [,115.23.1)[120.0b1,128.10.1) |
| Use After Free | |
| Out-of-Bounds | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Improper Isolation or Compartmentalization | |
| Use After Free | |
| Use After Free | |
| Out-of-Bounds | |
| Out-of-bounds Write | |
| Out-of-bounds Read | |
| Out-of-bounds Write | |
| Improper Synchronization | |
| Arbitrary Code Injection | |
| Access Control Bypass | |
| Use After Free | |
| Use After Free | |
| Out-of-Bounds | |
| Use After Free | |
| Buffer Overflow | |
| Buffer Overflow | |
| Out-of-bounds Write | |
| Improper Certificate Validation | |
| Use After Free | |
| Improper Privilege Management | |
| Use After Free | |
| Out-of-bounds Write | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-bounds Write | |
| Improper Initialization | |
| Access Control Bypass | |
| Cross-site Scripting (XSS) | |
| Arbitrary Code Injection | |
| Improper Check for Unusual or Exceptional Conditions | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Denial of Service (DoS) | |
| Use After Free | |
| Incorrect Default Permissions | |
| Cross-site Scripting (XSS) | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Exposure of Resource to Wrong Sphere | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Denial of Service (DoS) | |
| User Impersonation | |
| Use After Free | [,115.16.1)[128.0,128.3.1) |
| Information Exposure | |
| Information Exposure | |
| Origin Validation Error | |
| Arbitrary Code Injection | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Denial of Service (DoS) | |
| Arbitrary Code Injection | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Out-of-Bounds | |
| Out-of-Bounds | |
| Type Confusion | |
| Type Confusion | |
| Information Exposure | |
| Improper Handling of Exceptional Conditions | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-bounds Write | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-Bounds | |
| Use After Free | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Information Exposure | |
| Cross-site Scripting (XSS) | |
| Out-of-bounds Read | |
| Information Exposure | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Improper Access Control | |
| Use After Free | |
| Type Confusion | |
| Out-of-bounds Write | |
| Use After Free | |
| Out-of-bounds Write | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Race Condition | |
| Out-of-bounds Read | |
| Access of Uninitialized Pointer | |
| Access Restriction Bypass | |
| Timing Attack | |
| Use After Free | |
| Cross-site Scripting (XSS) | |
| Use After Free | |
| Improper Privilege Management | |
| Out-of-bounds Write | |
| Improper Input Validation | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Exposure of Sensitive Information to an Unauthorized Actor | |
| Information Exposure | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Classic Buffer Overflow | |
| Use After Free | |
| Resource Exhaustion | |
| Uncontrolled Resource Consumption ('Resource Exhaustion') | |
| Use After Free | |
| Use After Free | |
| Out-of-bounds Read | |
| Insufficient UI Warning of Dangerous Operations | |
| Out-of-bounds Read | |
| Access of Resource Using Incompatible Type ('Type Confusion') | |
| Out-of-Bounds | |
| Improper Control of Generation of Code ('Code Injection') | |
| Uncontrolled Resource Consumption ('Resource Exhaustion') | |
| Improper Privilege Management | |
| Timing Attack | |
| Code Injection | |
| Cross-Site Request Forgery (CSRF) | |
| Integer Overflow or Wraparound | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Code Injection | |
| Out-of-bounds Read | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Open Redirect | |
| User Interface (UI) Misrepresentation of Critical Information | |
| The UI Performs the Wrong Action | |
| Buffer Overflow | |
| Incorrect Conversion between Numeric Types | |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | |
| Inadequate Encryption Strength | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | |
| Improper Access Control | |
| User Interface (UI) Misrepresentation of Critical Information | |
| Out-of-bounds Write | |
| Improper Input Validation | |
| Use After Free | |
| Heap-based Buffer Overflow | |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | |
| Use of Uninitialized Resource | |
| Improper Input Validation | |
| Heap-based Buffer Overflow | |
| Use After Free | |
| Heap-based Buffer Overflow | |
| Race Condition | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Use After Free | |
| Directory Traversal | |
| Use After Free | |
| Buffer Overflow | |
| Information Exposure | |
| Improper Input Validation | |
| Product UI Spoofing | |
| URL Redirection to Untrusted Site | |
| Product UI Manipulable for User-Controlled Input | |
| Improper Release of Memory Before Removing Last Reference | |
| Improper Restriction of Operations within the Bounds of a Memory Buffer | |
| Insufficient UI Warning of Dangerous Operations | |
| Multiple Interpretations of UI Input | |
| Double Free | |
| Out-of-bounds Write | |
| Out-of-bounds Write | |
| Use After Free | |
| Buffer Overflow | |
| Denial of Service (DoS) | |
| Use After Free | |
| Buffer Overflow | |
| Buffer Overflow | |
| Information Exposure | |
| Integer Overflow or Wraparound | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Insecure Defaults | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Improper Access Control | |
| Denial of Service (DoS) | |
| Reliance on Cookies without Validation and Integrity Checking | |
| Race Condition | |
| Improper Input Validation | |
| Insecure Permissions | |
| Unsafe Dependency Resolution | |
| Buffer Overflow | |
| Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Compilation with Insufficient Warnings or Errors | |
| Buffer Overflow | |
| User Impersonation | |
| Use After Free | |
| Denial of Service (DoS) | |
| Buffer Overflow | |
| Buffer Overflow | |
| Denial of Service (DoS) | |
| Authentication Bypass | |
| Access Restriction Bypass | |
| Multiple Interpretations of UI Input | |
| Denial of Service (DoS) | |
| Out-of-Bounds Write | |
| Out-of-bounds Write | |
| Access Restriction Bypass | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Access Restriction Bypass | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Buffer Overflow | |
| Buffer Overflow | |
| Arbitrary Command Injection | |
| Authentication Bypass | |
| Missing Origin Validation in WebSockets | |
| Incorrect Regular Expression | |
| Buffer Overflow | |
| Remote Code Execution (RCE) | |
| Arbitrary File Read | |
| Time-of-check Time-of-use (TOCTOU) Race Condition | |
| Sandbox Bypass | |
| Information Exposure | |
| Arbitrary Code Execution | |
| Arbitrary Code Execution | |
| Denial of Service (DoS) | |
| Access Restriction Bypass | |
| Denial of Service (DoS) | |
| Authorization Bypass | |
| Information Exposure | |
| Use After Free | |
| Use After Free | |
| Denial of Service (DoS) | |
| Denial of Service (DoS) | |
| Insufficient UI Warning of Dangerous Operations | |
| Arbitrary Code Execution | |
| Use After Free | |
| Access Control Bypass | |
| Use After Free | |
| Unsafe Dependency Resolution | |
| Buffer Overflow | |
| Improper Access Control | |
| Cross-site Scripting (XSS) | |
| Buffer Overflow | |
| Improper Access Control | |
| Information Exposure | |
| Access Control Bypass | |
| Access Control Bypass | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Buffer Overflow | |
| Use After Free | |
| Product UI does not Warn User of Unsafe Actions | |
| Buffer Overflow | |
| Buffer Overflow | |
| Out-of-bounds Read | |
| Buffer Overflow | |
| Use After Free | |
| Use After Free | |
| Improper Restriction of Rendered UI Layers or Frames | |
| Out-of-bounds Write | |
| Use After Free | |
| Use After Free | |
| Improper Preservation of Permissions | |
| User Interface Misrepresentation of Critical Information | |
| Use After Free | |
| Use After Free | |
