CWE-1399: Comprehensive Categorization: Memory Safety
ID: CWE-1399
Status: Incomplete
Weaknesses in this category are related to memory safety.
Relationships
View ID | View Name | Weakness ID | Weakness Name | Abstraction | Structure | Status | |
---|---|---|---|---|---|---|---|
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Class | Simple | Stable | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-121 | Stack-based Buffer Overflow | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-122 | Heap-based Buffer Overflow | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-123 | Write-what-where Condition | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-124 | Buffer Underwrite ('Buffer Underflow') | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-125 | Out-of-bounds Read | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-126 | Buffer Over-read | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-127 | Buffer Under-read | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-129 | Improper Validation of Array Index | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-131 | Incorrect Calculation of Buffer Size | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-134 | Use of Externally-Controlled Format String | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-188 | Reliance on Data/Memory Layout | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-198 | Use of Incorrect Byte Ordering | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-401 | Missing Release of Memory after Effective Lifetime | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-415 | Double Free | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-416 | Use After Free | Variant | Simple | Stable | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-466 | Return of Pointer Value Outside of Expected Range | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-562 | Return of Stack Variable Address | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-587 | Assignment of a Fixed Address to a Pointer | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-590 | Free of Memory not on the Heap | Variant | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-680 | Integer Overflow to Buffer Overflow | Compound | Chain | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-690 | Unchecked Return Value to NULL Pointer Dereference | Compound | Chain | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-761 | Free of Pointer not at Start of Buffer | Variant | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-762 | Mismatched Memory Management Routines | Variant | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-763 | Release of Invalid Pointer or Reference | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-786 | Access of Memory Location Before Start of Buffer | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-787 | Out-of-bounds Write | Base | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-788 | Access of Memory Location After End of Buffer | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-789 | Memory Allocation with Excessive Size Value | Variant | Simple | Draft | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-805 | Buffer Access with Incorrect Length Value | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-806 | Buffer Access Using Size of Source Buffer | Variant | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-822 | Untrusted Pointer Dereference | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-823 | Use of Out-of-range Pointer Offset | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-824 | Access of Uninitialized Pointer | Base | Simple | Incomplete | |
CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-825 | Expired Pointer Dereference | Base | Simple | Incomplete |