CWE-1231 |
The product incorrectly implements register lock bit protection features such that protected controls can be programmed even after the lock has been set. |
CWE-1232 |
The product implements register lock bit protection features with the intent to disable changes to system configuration after the lock is set. Some of the protected registers or lock bits become programmable after power state transitions (e.g., Entry and wake from low power sleep modes). |
CWE-1233 |
The product implements a register lock bit protection feature that permits security sensitive controls to modify the protected configuration. |
CWE-1234 |
The product implements register lock bit protection features that may permit security sensitive controls to modify system configuration after the lock is set through internal modes or debug features. |
CWE-1235 |
The code uses boxed primitives, which may introduce inefficiencies into performance-critical operations. |
CWE-1236 |
The software saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. |
CWE-1239 |
The hardware product does not properly clear sensitive information from built-in registers when the user of the hardware block changes. |
CWE-124 |
The software writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. |
CWE-1240 |
The product implements a cryptographic algorithm using a non-standard or unproven cryptographic primitive. |
CWE-1241 |
The product requires a true random number but uses an algorithm that is predictable and generates a pseudo-random number. |