Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-594 When the J2EE container attempts to write unserializable objects to disk there is no guarantee that the process will complete successfully.
CWE-595 The program compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.
CWE-596 This weakness has been deprecated. It was poorly described and difficult to distinguish from other entries. It was also inappropriate to assign a separate ID solely because of domain-specific considerations. Its closest equivalent is CWE-1023.
CWE-597 The product uses the wrong operator when comparing a string, such as using "==" when the equals() method should be used instead.
CWE-598 The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that requests.
CWE-599 The software uses OpenSSL and trusts or uses a certificate without using the SSL_get_verify_result() function to ensure that the certificate satisfies all necessary security requirements.
CWE-6 The J2EE application is configured to use an insufficient session ID length.
CWE-600 The Servlet does not catch all exceptions, which may reveal sensitive debugging information.
CWE-601 A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
CWE-602 The software is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.