Common Weakness Enumeration | ScyScan

- Rank
- ID
- Name
- Last Updated
- 1
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- 2024-02-29
- 2
- CWE-787
- Out-of-bounds Write
- 2024-07-16
- 3
- CWE-89
- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- 2024-07-16
- 4
- CWE-352
- Cross-Site Request Forgery (CSRF)
- 2023-06-29
- 5
- CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- 2024-07-16
- 6
- CWE-125
- Out-of-bounds Read
- 2024-07-16
- 7
- CWE-78
- Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- 2024-07-16
- 8
- CWE-416
- Use After Free
- 2024-07-16
- 9
- CWE-862
- Missing Authorization
- 2023-06-29
- 10
- CWE-434
- Unrestricted Upload of File with Dangerous Type
- 2024-07-16
- 11
- CWE-94
- Improper Control of Generation of Code ('Code Injection')
- 2024-07-16
- 12
- CWE-20
- Improper Input Validation
- 2024-07-16
- 13
- CWE-77
- Improper Neutralization of Special Elements used in a Command ('Command Injection')
- 2024-07-16
- 14
- CWE-287
- Improper Authentication
- 2024-07-16
- 15
- CWE-269
- Improper Privilege Management
- 2024-07-16
- 16
- CWE-502
- Deserialization of Untrusted Data
- 2023-06-29
- 17
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- 2023-10-26
- 18
- CWE-863
- Incorrect Authorization
- 2024-02-29
- 19
- CWE-918
- Server-Side Request Forgery (SSRF)
- 2023-06-29
- 20
- CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- 2024-07-16
- 21
- CWE-476
- NULL Pointer Dereference
- 2024-07-16
- 22
- CWE-798
- Use of Hard-coded Credentials
- 2024-07-16
- 23
- CWE-190
- Integer Overflow or Wraparound
- 2024-07-16
- 24
- CWE-400
- Uncontrolled Resource Consumption
- 2023-06-29
- 25
- CWE-306
- Missing Authentication for Critical Function
- 2024-07-16

source: cwe.mitre.org