CWE-828 | The software defines a signal handler that contains code sequences that are not asynchronous-safe, i.e., the functionality is not reentrant, or it can be interrupted. |
CWE-829 | The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere. |
CWE-83 | The software does not neutralize or incorrectly neutralizes "javascript:" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style. |
CWE-830 | The software includes web functionality (such as a web widget) from another domain, which causes it to operate within the domain of the software, potentially granting total access and control of the software to the untrusted source. |
CWE-831 | The software defines a function that is used as a handler for more than one signal. |
CWE-832 | The software attempts to unlock a resource that is not locked. |
CWE-833 | The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. |
CWE-834 | The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed. |
CWE-835 | The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. |
CWE-836 | The software records password hashes in a data store, receives a hash of a password from a client, and compares the supplied hash to the hash obtained from the data store. |