| CWE-657 |
The product violates well-established principles for secure design. |
| CWE-66 |
The product does not handle or incorrectly handles a file name that identifies a "virtual" resource that is not directly specified within the directory that is associated with the file name, causing the product to perform file-based operations on a resource that is not a file. |
| CWE-662 |
The software utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes. |
| CWE-663 |
The software calls a non-reentrant function in a concurrent context in which a competing code sequence (e.g. thread or signal handler) may have an opportunity to call the same function or otherwise influence its state. |
| CWE-664 |
The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release. |
| CWE-665 |
The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. |
| CWE-666 |
The software performs an operation on a resource at the wrong phase of the resource's lifecycle, which can lead to unexpected behaviors. |
| CWE-667 |
The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. |
| CWE-668 |
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. |
| CWE-669 |
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource. |
