CWE-191 |
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result. |
CWE-192 |
Integer coercion refers to a set of flaws pertaining to the type casting, extension, or truncation of primitive data types. |
CWE-193 |
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value. |
CWE-194 |
The software performs an operation on a number that causes it to be sign extended when it is transformed into a larger data type. When the original number is negative, this can produce unexpected values that lead to resultant weaknesses. |
CWE-195 |
The software uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive. |
CWE-196 |
The software uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive can not be represented using a signed primitive. |
CWE-197 |
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. |
CWE-198 |
The software receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used. |
CWE-20 |
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly. |
CWE-200 |
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |