Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-538 The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
CWE-539 The web application uses persistent cookies, but the cookies contain sensitive information.
CWE-54 A software system that accepts path input in the form of trailing backslash ('filedir\') without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
CWE-540 Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.
CWE-541 If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
CWE-542 This entry has been deprecated because its abstraction was too low-level. See CWE-532.
CWE-543 The software uses the singleton pattern when creating a resource within a multithreaded environment.
CWE-544 The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses.
CWE-545 This weakness has been deprecated because it partially overlaps CWE-470, it describes legitimate programmer behavior, and other portions will need to be integrated into other entries.
CWE-546 The code contains comments that suggest the presence of bugs, incomplete functionality, or weaknesses.