Inventory of vulnerabilities introduced during the design process. Explore weaknesses like 'Improper Input Validation' and 'External Control of File Name or Path'.

CWE-20: Improper Input Validation

CWE-73: Secure Code Review

CWE-99: OWASP Top Ten 2010 Category A4 - Insecure Direct Object References

CWE-115: Fuzz Testing

CWE-184: SFP Secondary Cluster - Tainted Input to Command

CWE-200: Loss of Confidentiality

CWE-201: Sensitive Data Exposure

CWE-202: SFP Secondary Cluster - State Disclosure

CWE-203: Information Exposure Through Discrepancy in Error Handling

CWE-204: SFP Secondary Cluster - State Disclosure

CWE-205: SFP Secondary Cluster State Disclosure

CWE-208: State Disclosure Vulnerability

CWE-209: Information Exposure Through an Error Message

CWE-210: Information Exposure Through Error Message

CWE-211: Sensitive Information Exposure Through Error Message

CWE-212: Improper Cross-boundary Removal of Sensitive Data

CWE-213: SFP Secondary Cluster: Exposed Data

CWE-214: SFP Secondary Cluster - Exposed Data

CWE-221: SFP Secondary Cluster - Information Loss

CWE-223: Acceptable-Use Policy Implementation

CWE-250: Privilege Separation Vulnerability

CWE-256: Passwords in Memory to Plaintext Storage

CWE-257: Storing Passwords In a Recoverable Format

CWE-260: Passwords Not Stored Safely

CWE-261: Weak Cryptographic Algorithms

CWE-262: Vulnerability Mapping Notes and Content History

CWE-263: Password Aging With Long Expiration

CWE-267: Secure Privilege Handling

CWE-268: Privilege Separation to Prevent Access Control Vulnerabilities

CWE-269: SFP Primary Cluster - Privilege

CWE-270: Privilege Separation

CWE-271: Separation of Privilege

CWE-276: Insecure File Permissions

CWE-282: SFP Secondary Cluster - Access Management

CWE-283: Inadequate Trust Zone Management

CWE-285: Improper Authorization

CWE-286: Abstraction

CWE-287: Authentication Issues

CWE-288: Authentication Bypass Using Alternate Channel

CWE-289: Input Validation and Data Sanitization Guidelines

CWE-294: Design Message Authentication Mechanism

CWE-295: Identification and Authentication Failures

CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

CWE-301: Distinct Key Usage in Architecture and Design

CWE-302: Authentication Bypass by Assumed Immutable Data

CWE-306: Missing Authentication for Critical Function

CWE-307: Improper Restriction of Excessive Authentication Attempts

CWE-308: Multiple Independent Authentication Schemes Utilized

CWE-309: Use of Password Reuse Risk

CWE-311: Failure to Encrypt Data

CWE-312: Insecure Cryptographic Storage

CWE-319: Insufficient Transport Layer Protection

CWE-322: Weak Cryptography Implementation

CWE-323: Cryptographic Issues

CWE-324: Weak Cryptography in SFP Secondary Cluster

CWE-326: Insecure Storage of Sensitive Data

CWE-327: Improper Cryptographic Storage

CWE-328: Using Adaptive Hash Functions in Architecture and Design

CWE-330: Use of Insufficiently Random Values

CWE-331: Insufficient Entropy

CWE-334: Recommended Utilization of FIPS 140-2 Standard Libraries

CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

CWE-340: Abstraction in Computer Science

CWE-341: Insufficient Entropy

CWE-342: Enhance Random Number Generator Entropy Levels

CWE-343: Enhance Entropy for PRNG Initialization

CWE-344: SFP Primary Cluster Predictability

CWE-345: Broken Authentication and Session Management

CWE-346: Insufficient Verification of Data Authenticity in Faulty Endpoint Authentication

CWE-347: Weak Cryptographic Algorithm

CWE-348: CWE Cross-section

CWE-353: Software and Data Integrity Failures

CWE-354: Insufficient Verification of Data Authenticity

CWE-356: CWE Entry Mapping and Abstraction

CWE-357: Security Protection Mechanism Failure

CWE-358: Vulnerability Associated with Mapping Real-World Situations

CWE-359: Exposure of Private Information

CWE-360: SFP Secondary Cluster - Faulty Endpoint Authentication

CWE-362: Synchronization Primitive Misuse in Architecture and Design

CWE-363: Potential Identif. of Vulnerabilities & Root Causes

CWE-368: SFP Secondary Cluster - Missing Lock

CWE-385: Introduction of Time Variations to Prevent Data Access

CWE-386: SFP Secondary Cluster: Link in Resource Name Resolution

CWE-400: Denial of Service By Overwhelming Resource Management

CWE-402: Exposed Resource

CWE-405: Insufficient Resource Allocation

CWE-406: Network Resource Access Management

CWE-407: Vulnerability: Algorithmic Complexity

CWE-408: Comprehensive Categorization: Insufficient Control Flow Management

CWE-409: Resource Management Errors

CWE-410: Denial of Service

CWE-412: Insecure Time and State Management

CWE-413: Missing Lock

CWE-414: SFP Secondary Cluster - Missing Lock

CWE-419: SFP Secondary Cluster Channel Attack

CWE-420: SFP Secondary Cluster Channel Attack

CWE-421: SFP Secondary Cluster: Channel Attack

CWE-424: Insecure Resource Access

CWE-434: Unrestricted File Upload

CWE-436: SFP Secondary Cluster Protocol Error

Discover vulnerabilities in the design process with CWE-701. Learn about weaknesses such as 'Improper Input Validation' and 'External Control of File Name or Path'.

CWE-701: Design Vulnerabilities Inventory

Objective

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CWE-701: Design Vulnerabilities Inventory

Objective

Is your System Free of Underlying Vulnerabilities? Find Out Now

Is your System Free of Underlying Vulnerabilities?
Find Out Now