CWE-659: Weaknesses in Software Written in C++
ID: CWE-659
Type: Implicit
Status: Draft
This view (slice) covers issues that are found in C++ programs that are not common to all languages.
Relationships
Type | ID | Name | Abstraction | Structure | Status | |
---|---|---|---|---|---|---|
Weakness | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Class | Simple | Stable | |
Weakness | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') | Base | Simple | Incomplete | |
Weakness | CWE-121 | Stack-based Buffer Overflow | Variant | Simple | Draft | |
Weakness | CWE-122 | Heap-based Buffer Overflow | Variant | Simple | Draft | |
Weakness | CWE-123 | Write-what-where Condition | Base | Simple | Draft | |
Weakness | CWE-124 | Buffer Underwrite ('Buffer Underflow') | Base | Simple | Incomplete | |
Weakness | CWE-125 | Out-of-bounds Read | Base | Simple | Draft | |
Weakness | CWE-126 | Buffer Over-read | Variant | Simple | Draft | |
Weakness | CWE-127 | Buffer Under-read | Variant | Simple | Draft | |
Weakness | CWE-128 | Wrap-around Error | Base | Simple | Incomplete | |
Weakness | CWE-129 | Improper Validation of Array Index | Variant | Simple | Draft | |
Weakness | CWE-130 | Improper Handling of Length Parameter Inconsistency | Base | Simple | Incomplete | |
Weakness | CWE-131 | Incorrect Calculation of Buffer Size | Base | Simple | Draft | |
Weakness | CWE-1325 | Improperly Controlled Sequential Memory Allocation | Base | Simple | Incomplete | |
Weakness | CWE-1335 | Incorrect Bitwise Shift of Integer | Base | Simple | Draft | |
Weakness | CWE-134 | Use of Externally-Controlled Format String | Base | Simple | Draft | |
Weakness | CWE-1341 | Multiple Releases of Same Resource or Handle | Base | Simple | Incomplete | |
Weakness | CWE-135 | Incorrect Calculation of Multi-Byte String Length | Base | Simple | Draft | |
Weakness | CWE-14 | Compiler Removal of Code to Clear Buffers | Variant | Simple | Draft | |
Weakness | CWE-170 | Improper Null Termination | Base | Simple | Incomplete | |
Weakness | CWE-188 | Reliance on Data/Memory Layout | Base | Simple | Draft | |
Weakness | CWE-191 | Integer Underflow (Wrap or Wraparound) | Base | Simple | Draft | |
Weakness | CWE-192 | Integer Coercion Error | Variant | Simple | Incomplete | |
Weakness | CWE-194 | Unexpected Sign Extension | Variant | Simple | Incomplete | |
Weakness | CWE-195 | Signed to Unsigned Conversion Error | Variant | Simple | Draft | |
Weakness | CWE-196 | Unsigned to Signed Conversion Error | Variant | Simple | Draft | |
Weakness | CWE-197 | Numeric Truncation Error | Base | Simple | Incomplete | |
Weakness | CWE-242 | Use of Inherently Dangerous Function | Base | Simple | Draft | |
Weakness | CWE-243 | Creation of chroot Jail Without Changing Working Directory | Variant | Simple | Draft | |
Weakness | CWE-244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') | Variant | Simple | Draft | |
Weakness | CWE-248 | Uncaught Exception | Base | Simple | Draft | |
Weakness | CWE-362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | Class | Simple | Draft | |
Weakness | CWE-364 | Signal Handler Race Condition | Base | Simple | Incomplete | |
Weakness | CWE-366 | Race Condition within a Thread | Base | Simple | Draft | |
Weakness | CWE-374 | Passing Mutable Objects to an Untrusted Method | Base | Simple | Draft | |
Weakness | CWE-375 | Returning a Mutable Object to an Untrusted Caller | Base | Simple | Draft | |
Weakness | CWE-396 | Declaration of Catch for Generic Exception | Base | Simple | Draft | |
Weakness | CWE-397 | Declaration of Throws for Generic Exception | Base | Simple | Draft | |
Weakness | CWE-401 | Missing Release of Memory after Effective Lifetime | Variant | Simple | Draft | |
Weakness | CWE-415 | Double Free | Variant | Simple | Draft | |
Weakness | CWE-416 | Use After Free | Variant | Simple | Stable | |
Weakness | CWE-457 | Use of Uninitialized Variable | Variant | Simple | Draft | |
Weakness | CWE-460 | Improper Cleanup on Thrown Exception | Base | Simple | Draft | |
Weakness | CWE-462 | Duplicate Key in Associative List (Alist) | Variant | Simple | Incomplete | |
Weakness | CWE-463 | Deletion of Data Structure Sentinel | Base | Simple | Incomplete | |
Weakness | CWE-464 | Addition of Data Structure Sentinel | Base | Simple | Incomplete | |
Weakness | CWE-466 | Return of Pointer Value Outside of Expected Range | Base | Simple | Draft | |
Weakness | CWE-467 | Use of sizeof() on a Pointer Type | Variant | Simple | Draft | |
Weakness | CWE-468 | Incorrect Pointer Scaling | Base | Simple | Incomplete | |
Weakness | CWE-469 | Use of Pointer Subtraction to Determine Size | Base | Simple | Draft | |
Weakness | CWE-476 | NULL Pointer Dereference | Base | Simple | Stable | |
Weakness | CWE-478 | Missing Default Case in Multiple Condition Expression | Base | Simple | Draft | |
Weakness | CWE-479 | Signal Handler Use of a Non-reentrant Function | Variant | Simple | Draft | |
Weakness | CWE-480 | Use of Incorrect Operator | Base | Simple | Draft | |
Weakness | CWE-481 | Assigning instead of Comparing | Variant | Simple | Draft | |
Weakness | CWE-482 | Comparing instead of Assigning | Variant | Simple | Draft | |
Weakness | CWE-483 | Incorrect Block Delimitation | Base | Simple | Draft | |
Weakness | CWE-484 | Omitted Break Statement in Switch | Base | Simple | Draft | |
Weakness | CWE-493 | Critical Public Variable Without Final Modifier | Variant | Simple | Draft | |
Weakness | CWE-495 | Private Data Structure Returned From A Public Method | Variant | Simple | Draft | |
Weakness | CWE-496 | Public Data Assigned to Private Array-Typed Field | Variant | Simple | Incomplete | |
Weakness | CWE-498 | Cloneable Class Containing Sensitive Information | Variant | Simple | Draft | |
Weakness | CWE-500 | Public Static Field Not Marked Final | Variant | Simple | Draft | |
Weakness | CWE-543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context | Variant | Simple | Incomplete | |
Weakness | CWE-558 | Use of getlogin() in Multithreaded Application | Variant | Simple | Draft | |
Weakness | CWE-562 | Return of Stack Variable Address | Base | Simple | Draft | |
Weakness | CWE-587 | Assignment of a Fixed Address to a Pointer | Variant | Simple | Draft | |
Weakness | CWE-676 | Use of Potentially Dangerous Function | Base | Simple | Draft | |
Weakness | CWE-690 | Unchecked Return Value to NULL Pointer Dereference | Compound | Chain | Draft | |
Weakness | CWE-704 | Incorrect Type Conversion or Cast | Class | Simple | Incomplete | |
Weakness | CWE-733 | Compiler Optimization Removal or Modification of Security-critical Code | Base | Simple | Incomplete | |
Weakness | CWE-762 | Mismatched Memory Management Routines | Variant | Simple | Incomplete | |
Weakness | CWE-766 | Critical Data Element Declared Public | Base | Simple | Incomplete | |
Weakness | CWE-767 | Access to Critical Private Variable via Public Method | Base | Simple | Incomplete | |
Weakness | CWE-781 | Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code | Variant | Simple | Draft | |
Weakness | CWE-782 | Exposed IOCTL with Insufficient Access Control | Variant | Simple | Draft | |
Weakness | CWE-783 | Operator Precedence Logic Error | Base | Simple | Draft | |
Weakness | CWE-785 | Use of Path Manipulation Function without Maximum-sized Buffer | Variant | Simple | Incomplete | |
Weakness | CWE-787 | Out-of-bounds Write | Base | Simple | Draft | |
Weakness | CWE-789 | Memory Allocation with Excessive Size Value | Variant | Simple | Draft | |
Weakness | CWE-805 | Buffer Access with Incorrect Length Value | Base | Simple | Incomplete | |
Weakness | CWE-806 | Buffer Access Using Size of Source Buffer | Variant | Simple | Incomplete | |
Weakness | CWE-839 | Numeric Range Comparison Without Minimum Check | Base | Simple | Incomplete | |
Weakness | CWE-843 | Access of Resource Using Incompatible Type ('Type Confusion') | Base | Simple | Incomplete | |
Weakness | CWE-910 | Use of Expired File Descriptor | Base | Simple | Incomplete | |
Weakness | CWE-911 | Improper Update of Reference Count | Base | Simple | Incomplete |