CWE弱点浏览
Common Weakness Enumeration(通用弱点枚举)- 软件和硬件安全弱点的社区开发列表
总弱点数
969
分类数
410
视图数
56
CWE弱点列表 共 969 条
| CWE ID | 名称 | 抽象级别 | 状态 | 操作 |
|---|---|---|---|---|
| CWE-862 | Missing Authorization | Class | Incomplete | 查看详情 |
| CWE-863 | Incorrect Authorization | Class | Incomplete | 查看详情 |
| CWE-908 | Use of Uninitialized Resource | Base | Incomplete | 查看详情 |
| CWE-909 | Missing Initialization of Resource | Class | Incomplete | 查看详情 |
| CWE-910 | Use of Expired File Descriptor | Base | Incomplete | 查看详情 |
| CWE-911 | Improper Update of Reference Count | Base | Incomplete | 查看详情 |
| CWE-912 | Hidden Functionality | Class | Incomplete | 查看详情 |
| CWE-913 | Improper Control of Dynamically-Managed Code Resources | Class | Incomplete | 查看详情 |
| CWE-914 | Improper Control of Dynamically-Identified Variables | Base | Incomplete | 查看详情 |
| CWE-915 | Improperly Controlled Modification of Dynamically-Determined Object Attributes | Base | Incomplete | 查看详情 |
| CWE-916 | Use of Password Hash With Insufficient Computational Effort | Base | Incomplete | 查看详情 |
| CWE-917 | Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') | Base | Incomplete | 查看详情 |
| CWE-918 | Server-Side Request Forgery (SSRF) | Base | Incomplete | 查看详情 |
| CWE-920 | Improper Restriction of Power Consumption | Base | Incomplete | 查看详情 |
| CWE-921 | Storage of Sensitive Data in a Mechanism without Access Control | Base | Incomplete | 查看详情 |
| CWE-922 | Insecure Storage of Sensitive Information | Class | Incomplete | 查看详情 |
| CWE-923 | Improper Restriction of Communication Channel to Intended Endpoints | Class | Incomplete | 查看详情 |
| CWE-924 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel | Base | Incomplete | 查看详情 |
| CWE-925 | Improper Verification of Intent by Broadcast Receiver | Variant | Incomplete | 查看详情 |
| CWE-926 | Improper Export of Android Application Components | Variant | Incomplete | 查看详情 |