Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-424 The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
CWE-425 The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
CWE-426 The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
CWE-427 The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
CWE-43 A software system that accepts path input in the form of multiple trailing dot ('filedir....') without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
CWE-430 The wrong "handler" is assigned to process an object.
CWE-431 A handler is not available or implemented.
CWE-432 The application uses a signal handler that shares state with other signal handlers, but it does not properly mask or prevent those signal handlers from being invoked while the original signal handler is still running.
CWE-433 The software stores raw content or supporting code under the web document root with an extension that is not specifically handled by the server.