CWE-1425: Weaknesses in the 2023 CWE Top 25 Most Dangerous Software Weaknesses
ID
CWE-1425
Type
Graph
Status
Draft
CWE entries in this view are listed in the 2023 CWE Top 25 Most Dangerous Software Weaknesses.
Relationships
| Type | # ID | Name | Abstraction | Structure | Status | |
|---|---|---|---|---|---|---|
| Weakness | CWE-787 | Out-of-bounds Write | Base | Simple | Draft | |
| Weakness | CWE-79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Base | Simple | Stable | |
| Weakness | CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Base | Simple | Stable | |
| Weakness | CWE-416 | Use After Free | Variant | Simple | Stable | |
| Weakness | CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | Base | Simple | Stable | |
| Weakness | CWE-20 | Improper Input Validation | Class | Simple | Stable | |
| Weakness | CWE-125 | Out-of-bounds Read | Base | Simple | Draft | |
| Weakness | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Base | Simple | Stable | |
| Weakness | CWE-352 | Cross-Site Request Forgery (CSRF) | Compound | Composite | Stable | |
| Weakness | CWE-434 | Unrestricted Upload of File with Dangerous Type | Base | Simple | Draft | |
| Weakness | CWE-862 | Missing Authorization | Class | Simple | Incomplete | |
| Weakness | CWE-476 | NULL Pointer Dereference | Base | Simple | Stable | |
| Weakness | CWE-287 | Improper Authentication | Class | Simple | Draft | |
| Weakness | CWE-190 | Integer Overflow or Wraparound | Base | Simple | Stable | |
| Weakness | CWE-502 | Deserialization of Untrusted Data | Base | Simple | Draft | |
| Weakness | CWE-77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | Class | Simple | Draft | |
| Weakness | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Class | Simple | Stable | |
| Weakness | CWE-798 | Use of Hard-coded Credentials | Base | Simple | Draft | |
| Weakness | CWE-918 | Server-Side Request Forgery (SSRF) | Base | Simple | Incomplete | |
| Weakness | CWE-306 | Missing Authentication for Critical Function | Base | Simple | Draft | |
| Weakness | CWE-362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | Class | Simple | Draft | |
| Weakness | CWE-269 | Improper Privilege Management | Class | Simple | Draft | |
| Weakness | CWE-94 | Improper Control of Generation of Code ('Code Injection') | Base | Simple | Draft | |
| Weakness | CWE-863 | Incorrect Authorization | Class | Simple | Incomplete | |
| Weakness | CWE-276 | Incorrect Default Permissions | Base | Simple | Draft |
Loading...