Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-309 The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.
CWE-31 The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize 'dir\..\..\filename' (multiple internal backslash dot dot) sequences that can resolve to a location that is outside of that directory.
CWE-312 The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
CWE-313 The application stores sensitive information in cleartext in a file, or on disk.
CWE-314 The application stores sensitive information in cleartext in the registry.
CWE-315 The application stores sensitive information in cleartext in a cookie.
CWE-316 The application stores sensitive information in cleartext in memory.
CWE-317 The application stores sensitive information in cleartext within the GUI.
CWE-318 The application stores sensitive information in cleartext in an executable.
CWE-319 The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.