Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-586 The software makes an explicit call to the finalize() method from outside the finalizer.
CWE-587 The software sets a pointer to a specific address other than NULL or 0.
CWE-588 Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption.
CWE-589 The software uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.
CWE-686 The software calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses.
CWE-59 The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CWE-590 The application calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as malloc(), calloc(), or realloc().
CWE-591 The application stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk by the virtual memory manager. This can make the data more accessible to external actors.
CWE-592 This weakness has been deprecated because it covered redundant concepts already described in CWE-287.
CWE-593 The software modifies the SSL context after connection creation has begun.