| Buffer Overflow via Environment Variables |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-99
|
Improper Control of Resource Identifiers ('Resource Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-302
|
Authentication Bypass by Assumed-Immutable Data
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-733
|
Compiler Optimization Removal or Modification of Security-critical Code
|
|
| Overflow Buffers |
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-129
|
Improper Validation of Array Index
|
|
CWE-131
|
Incorrect Calculation of Buffer Size
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-805
|
Buffer Access with Incorrect Length Value
|
|
| Client-side Injection-induced Buffer Overflow |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-353
|
Missing Support for Integrity Check
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
| Filter Failure through Buffer Overflow |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-733
|
Compiler Optimization Removal or Modification of Security-critical Code
|
|
| Buffer Overflow via Symbolic Links |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-285
|
Improper Authorization
|
|
CWE-302
|
Authentication Bypass by Assumed-Immutable Data
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
| Overflow Variables and Tags |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-733
|
Compiler Optimization Removal or Modification of Security-critical Code
|
|
| Buffer Overflow via Parameter Expansion |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-130
|
Improper Handling of Length Parameter Inconsistency
|
|
CWE-131
|
Incorrect Calculation of Buffer Size
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
| String Format Overflow in syslog() |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-134
|
Use of Externally-Controlled Format String
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
| Buffer Overflow in an API Call |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-733
|
Compiler Optimization Removal or Modification of Security-critical Code
|
|
| Buffer Overflow in Local Command-Line Utilities |
|
CWE-20
|
Improper Input Validation
|
|
CWE-74
|
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
|
|
CWE-118
|
Incorrect Access of Indexable Resource ('Range Error')
|
|
CWE-119
|
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|
CWE-733
|
Compiler Optimization Removal or Modification of Security-critical Code
|
|
| Forced Integer Overflow |
|
CWE-120
|
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
|
|
CWE-122
|
Heap-based Buffer Overflow
|
|
CWE-128
|
Wrap-around Error
|
|
CWE-190
|
Integer Overflow or Wraparound
|
|
CWE-196
|
Unsigned to Signed Conversion Error
|
|
CWE-680
|
Integer Overflow to Buffer Overflow
|
|
CWE-697
|
Incorrect Comparison
|
|