| Rank | ID | Description |
| --- | --- | --- |
| 1 | CWE-787 | Out-of-bounds Write |
| 2 | CWE-79 | Improper Neutralization of Input During Web Page Generation (Cross-Site Scripting) |
| 3 | CWE-89 | Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) |
| 4 | CWE-20 | Improper Input Validation (Command Execution) |
| 5 | CWE-125 | Out-of-bounds Read |
| 6 | CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') |
| 7 | CWE-416 | Use After Free |
| 8 | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| 9 | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 10 | CWE-434 | Unrestricted Upload of File with Dangerous Type (File Inclusion) |
| 11 | CWE-476 | NULL Pointer Dereference |
| 12 | CWE-502 | Deserialization of Untrusted Data |
| 13 | CWE-190 | Integer Overflow or Wraparound |
| 14 | CWE-287 | Improper Authentication |
| 15 | CWE-798 | Use of Hard-coded Credentials |
| 16 | CWE-862 | Missing Authorization |
| 17 | CWE-77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') |
| 18 | CWE-306 | Missing Authentication for Critical Function |
| 19 | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
| 20 | CWE-276 | Incorrect Default Permissions |
| 21 | CWE-918 | Server-Side Request Forgery (SSRF) |
| 22 | CWE-362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') |
| 23 | CWE-400 | Uncontrolled Resource Consumption |
| 24 | CWE-611 | Improper Restriction of XML External Entity Reference |
| 25 | CWE-94 | Improper Control of Generation of Code ('Code Injection') |