Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-921 The software stores sensitive information in a file system or device that does not have built-in access control.
CWE-922 The software stores sensitive information without properly limiting read or write access by unauthorized actors.
CWE-923 The software establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.
CWE-924 The software establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.
CWE-925 The Android application uses a Broadcast Receiver that receives an Intent but does not properly verify that the Intent came from an authorized source.
CWE-926 The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
CWE-927 The Android application uses an implicit intent for transmitting sensitive data to other applications.
CWE-93 The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.
CWE-939 The software uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.
CWE-94 The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.