CWE弱点浏览
Common Weakness Enumeration(通用弱点枚举)- 软件和硬件安全弱点的社区开发列表
总弱点数
969
分类数
410
视图数
56
CWE弱点列表 共 969 条
| CWE ID | 名称 | 抽象级别 | 状态 | 操作 |
|---|---|---|---|---|
| CWE-271 | Privilege Dropping / Lowering Errors | Class | Incomplete | 查看详情 |
| CWE-272 | Least Privilege Violation | Base | Incomplete | 查看详情 |
| CWE-273 | Improper Check for Dropped Privileges | Base | Incomplete | 查看详情 |
| CWE-274 | Improper Handling of Insufficient Privileges | Base | Draft | 查看详情 |
| CWE-276 | Incorrect Default Permissions | Base | Draft | 查看详情 |
| CWE-277 | Insecure Inherited Permissions | Variant | Draft | 查看详情 |
| CWE-278 | Insecure Preserved Inherited Permissions | Variant | Incomplete | 查看详情 |
| CWE-279 | Incorrect Execution-Assigned Permissions | Variant | Draft | 查看详情 |
| CWE-280 | Improper Handling of Insufficient Permissions or Privileges | Base | Draft | 查看详情 |
| CWE-281 | Improper Preservation of Permissions | Base | Draft | 查看详情 |
| CWE-282 | Improper Ownership Management | Class | Draft | 查看详情 |
| CWE-283 | Unverified Ownership | Base | Draft | 查看详情 |
| CWE-284 | Improper Access Control | Pillar | Incomplete | 查看详情 |
| CWE-285 | Improper Authorization | Class | Draft | 查看详情 |
| CWE-286 | Incorrect User Management | Class | Incomplete | 查看详情 |
| CWE-287 | Improper Authentication | Class | Draft | 查看详情 |
| CWE-288 | Authentication Bypass Using an Alternate Path or Channel | Base | Incomplete | 查看详情 |
| CWE-289 | Authentication Bypass by Alternate Name | Base | Incomplete | 查看详情 |
| CWE-290 | Authentication Bypass by Spoofing | Base | Incomplete | 查看详情 |
| CWE-291 | Reliance on IP Address for Authentication | Variant | Incomplete | 查看详情 |