CWE弱点浏览
Common Weakness Enumeration(通用弱点枚举)- 软件和硬件安全弱点的社区开发列表
总弱点数
969
分类数
410
视图数
56
CWE弱点列表 共 969 条
| CWE ID | 名称 | 抽象级别 | 状态 | 操作 |
|---|---|---|---|---|
| CWE-292 | DEPRECATED: Trusting Self-reported DNS Name | Variant | Deprecated | 查看详情 |
| CWE-293 | Using Referer Field for Authentication | Variant | Draft | 查看详情 |
| CWE-294 | Authentication Bypass by Capture-replay | Base | Incomplete | 查看详情 |
| CWE-295 | Improper Certificate Validation | Base | Draft | 查看详情 |
| CWE-296 | Improper Following of a Certificate's Chain of Trust | Base | Draft | 查看详情 |
| CWE-297 | Improper Validation of Certificate with Host Mismatch | Variant | Incomplete | 查看详情 |
| CWE-298 | Improper Validation of Certificate Expiration | Variant | Draft | 查看详情 |
| CWE-299 | Improper Check for Certificate Revocation | Base | Draft | 查看详情 |
| CWE-300 | Channel Accessible by Non-Endpoint | Class | Draft | 查看详情 |
| CWE-301 | Reflection Attack in an Authentication Protocol | Base | Draft | 查看详情 |
| CWE-302 | Authentication Bypass by Assumed-Immutable Data | Base | Incomplete | 查看详情 |
| CWE-303 | Incorrect Implementation of Authentication Algorithm | Base | Draft | 查看详情 |
| CWE-304 | Missing Critical Step in Authentication | Base | Draft | 查看详情 |
| CWE-305 | Authentication Bypass by Primary Weakness | Base | Draft | 查看详情 |
| CWE-306 | Missing Authentication for Critical Function | Base | Draft | 查看详情 |
| CWE-307 | Improper Restriction of Excessive Authentication Attempts | Base | Draft | 查看详情 |
| CWE-308 | Use of Single-factor Authentication | Base | Draft | 查看详情 |
| CWE-309 | Use of Password System for Primary Authentication | Base | Draft | 查看详情 |
| CWE-311 | Missing Encryption of Sensitive Data | Class | Draft | 查看详情 |
| CWE-312 | Cleartext Storage of Sensitive Information | Base | Draft | 查看详情 |