CWE弱点浏览
Common Weakness Enumeration(通用弱点枚举)- 软件和硬件安全弱点的社区开发列表
总弱点数
969
分类数
410
视图数
56
CWE弱点列表 共 969 条
| CWE ID | 名称 | 抽象级别 | 状态 | 操作 |
|---|---|---|---|---|
| CWE-544 | Missing Standardized Error Handling Mechanism | Base | Draft | 查看详情 |
| CWE-545 | DEPRECATED: Use of Dynamic Class Loading | Variant | Deprecated | 查看详情 |
| CWE-546 | Suspicious Comment | Variant | Draft | 查看详情 |
| CWE-547 | Use of Hard-coded, Security-relevant Constants | Base | Draft | 查看详情 |
| CWE-548 | Exposure of Information Through Directory Listing | Variant | Draft | 查看详情 |
| CWE-549 | Missing Password Field Masking | Base | Draft | 查看详情 |
| CWE-550 | Server-generated Error Message Containing Sensitive Information | Variant | Incomplete | 查看详情 |
| CWE-551 | Incorrect Behavior Order: Authorization Before Parsing and Canonicalization | Base | Incomplete | 查看详情 |
| CWE-552 | Files or Directories Accessible to External Parties | Base | Draft | 查看详情 |
| CWE-553 | Command Shell in Externally Accessible Directory | Variant | Incomplete | 查看详情 |
| CWE-554 | ASP.NET Misconfiguration: Not Using Input Validation Framework | Variant | Draft | 查看详情 |
| CWE-555 | J2EE Misconfiguration: Plaintext Password in Configuration File | Variant | Draft | 查看详情 |
| CWE-556 | ASP.NET Misconfiguration: Use of Identity Impersonation | Variant | Incomplete | 查看详情 |
| CWE-558 | Use of getlogin() in Multithreaded Application | Variant | Draft | 查看详情 |
| CWE-560 | Use of umask() with chmod-style Argument | Variant | Draft | 查看详情 |
| CWE-561 | Dead Code | Base | Draft | 查看详情 |
| CWE-562 | Return of Stack Variable Address | Base | Draft | 查看详情 |
| CWE-563 | Assignment to Variable without Use | Base | Draft | 查看详情 |
| CWE-564 | SQL Injection: Hibernate | Variant | Incomplete | 查看详情 |
| CWE-565 | Reliance on Cookies without Validation and Integrity Checking | Base | Incomplete | 查看详情 |