CodeQL documentation
CodeQL resources

CWE coverage for C and C++

An overview of CWE coverage for C and C++ in the latest release of CodeQL.

Overview

| CWE | Language | Query id | Query name |
| --- | --- | --- | --- |
| CWE-14 | C/C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE-20 | C/C++ | cpp/count-untrusted-data-external-api | Frequency counts for external APIs that are used with untrusted data |
| CWE-20 | C/C++ | cpp/count-untrusted-data-external-api-ir | Frequency counts for external APIs that are used with untrusted data |
| CWE-20 | C/C++ | cpp/untrusted-data-to-external-api-ir | Untrusted data passed to external API |
| CWE-20 | C/C++ | cpp/untrusted-data-to-external-api | Untrusted data passed to external API |
| CWE-20 | C/C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE-20 | C/C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE-20 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-20 | C/C++ | cpp/late-check-of-function-argument | Late Check Of Function Argument |
| CWE-20 | C/C++ | cpp/linux-kernel-no-check-before-unsafe-put-user | Linux kernel no check before unsafe_put_user vulnerability detection |
| CWE-22 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-23 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-36 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-73 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-74 | C/C++ | cpp/non-constant-format | Non-constant format string |
| CWE-74 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-74 | C/C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE-74 | C/C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE-74 | C/C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE-74 | C/C++ | cpp/wordexp-injection | Uncontrolled data used in wordexp command |
| CWE-77 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-77 | C/C++ | cpp/wordexp-injection | Uncontrolled data used in wordexp command |
| CWE-78 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-78 | C/C++ | cpp/wordexp-injection | Uncontrolled data used in wordexp command |
| CWE-79 | C/C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE-88 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-89 | C/C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE-114 | C/C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE-118 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-118 | C/C++ | cpp/double-free | Potential double free |
| CWE-118 | C/C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE-118 | C/C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE-118 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-118 | C/C++ | cpp/overflow-destination | Copy function using source size |
| CWE-118 | C/C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE-118 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-118 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-118 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-118 | C/C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE-118 | C/C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE-118 | C/C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE-118 | C/C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE-118 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-118 | C/C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE-118 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-118 | C/C++ | cpp/overrun-write | Overrunning write |
| CWE-118 | C/C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE-118 | C/C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE-118 | C/C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE-118 | C/C++ | cpp/unbounded-write | Unbounded write |
| CWE-118 | C/C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE-118 | C/C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE-118 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-118 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-118 | C/C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE-118 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-118 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-118 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-118 | C/C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE-118 | C/C++ | cpp/dangerous-use-convert-function | Dangerous use convert function. |
| CWE-118 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-118 | C/C++ | cpp/use-after-expired-lifetime | Use of object after its lifetime has ended |
| CWE-118 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-118 | C/C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE-118 | C/C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE-118 | C/C++ | cpp/buffer-access-with-incorrect-length-value | Buffer access with incorrect length value |
| CWE-119 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-119 | C/C++ | cpp/double-free | Potential double free |
| CWE-119 | C/C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE-119 | C/C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE-119 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-119 | C/C++ | cpp/overflow-destination | Copy function using source size |
| CWE-119 | C/C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE-119 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-119 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-119 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-119 | C/C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE-119 | C/C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE-119 | C/C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE-119 | C/C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE-119 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-119 | C/C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE-119 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-119 | C/C++ | cpp/overrun-write | Overrunning write |
| CWE-119 | C/C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE-119 | C/C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE-119 | C/C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE-119 | C/C++ | cpp/unbounded-write | Unbounded write |
| CWE-119 | C/C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE-119 | C/C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE-119 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-119 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-119 | C/C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE-119 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-119 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-119 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-119 | C/C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE-119 | C/C++ | cpp/dangerous-use-convert-function | Dangerous use convert function. |
| CWE-119 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-119 | C/C++ | cpp/use-after-expired-lifetime | Use of object after its lifetime has ended |
| CWE-119 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-119 | C/C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE-119 | C/C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE-119 | C/C++ | cpp/buffer-access-with-incorrect-length-value | Buffer access with incorrect length value |
| CWE-120 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-120 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-120 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-120 | C/C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE-120 | C/C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE-120 | C/C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE-120 | C/C++ | cpp/unbounded-write | Unbounded write |
| CWE-120 | C/C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE-120 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-120 | C/C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE-121 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-121 | C/C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE-122 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-122 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-122 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-122 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-125 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-125 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-125 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-125 | C/C++ | cpp/dangerous-use-convert-function | Dangerous use convert function. |
| CWE-126 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-128 | C/C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE-128 | C/C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE-129 | C/C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE-131 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-131 | C/C++ | cpp/overflow-destination | Copy function using source size |
| CWE-131 | C/C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE-131 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-131 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-131 | C/C++ | cpp/overrun-write | Overrunning write |
| CWE-131 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-134 | C/C++ | cpp/non-constant-format | Non-constant format string |
| CWE-134 | C/C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE-170 | C/C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE-170 | C/C++ | cpp/user-controlled-null-termination-tainted | User-controlled data may not be null terminated |
| CWE-190 | C/C++ | cpp/ambiguously-signed-bit-field | Ambiguously signed bit-field member |
| CWE-190 | C/C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE-190 | C/C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE-190 | C/C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE-190 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-190 | C/C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE-190 | C/C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE-190 | C/C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE-190 | C/C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE-190 | C/C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE-190 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-190 | C/C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE-190 | C/C++ | cpp/dangerous-use-of-transformation-after-operation | Dangerous use of transformation after operation. |
| CWE-190 | C/C++ | cpp/signed-bit-field | Possible signed bit-field member |
| CWE-191 | C/C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE-191 | C/C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE-191 | C/C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE-191 | C/C++ | cpp/unsigned-difference-expression-compared-zero | Unsigned difference expression compared to zero |
| CWE-193 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-197 | C/C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE-197 | C/C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE-197 | C/C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE-200 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-200 | C/C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE-200 | C/C++ | cpp/potential-system-data-exposure | Potential exposure of sensitive system data to an unauthorized control sphere |
| CWE-200 | C/C++ | cpp/work-with-file-without-permissions-rights | Writing to a file without setting permissions. |
| CWE-200 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-200 | C/C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE-227 | C/C++ | cpp/double-free | Potential double free |
| CWE-227 | C/C++ | cpp/incorrectly-checked-scanf | Incorrect return-value check for a 'scanf'-like function |
| CWE-227 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-227 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-227 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-227 | C/C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE-227 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-227 | C/C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE-227 | C/C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE-227 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-227 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-227 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-227 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE-227 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-227 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-227 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-227 | C/C++ | cpp/double-release | Errors When Double Release |
| CWE-228 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-228 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-233 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-233 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-234 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-234 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-242 | C/C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE-243 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE-248 | C/C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE-252 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-252 | C/C++ | cpp/return-value-ignored | Return value of a function is ignored |
| CWE-252 | C/C++ | cpp/inconsistent-call-on-result | Inconsistent operation on return value |
| CWE-252 | C/C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE-252 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-252 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE-253 | C/C++ | cpp/incorrectly-checked-scanf | Incorrect return-value check for a 'scanf'-like function |
| CWE-253 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-253 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-253 | C/C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE-260 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-266 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-269 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-269 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-271 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-273 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-284 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-284 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-284 | C/C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE-284 | C/C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE-284 | C/C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE-284 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-284 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-284 | C/C++ | cpp/pam-auth-bypass | PAM Authorization bypass |
| CWE-285 | C/C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE-285 | C/C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE-285 | C/C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE-285 | C/C++ | cpp/pam-auth-bypass | PAM Authorization bypass |
| CWE-287 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-287 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-290 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-295 | C/C++ | cpp/certificate-result-conflation | Certificate result conflation |
| CWE-295 | C/C++ | cpp/certificate-not-checked | Certificate not checked |
| CWE-295 | C/C++ | cpp/curl-disabled-ssl | Disabled certifcate verification |
| CWE-311 | C/C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE-311 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-311 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-311 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-311 | C/C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE-312 | C/C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE-312 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-312 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-313 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-313 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-319 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-319 | C/C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE-326 | C/C++ | cpp/boost/tls-settings-misconfiguration | boost::asio TLS settings misconfiguration |
| CWE-326 | C/C++ | cpp/insufficient-key-size | Use of a cryptographic algorithm with insufficient key size |
| CWE-326 | C/C++ | cpp/unknown-asymmetric-key-gen-size | Unknown key generation key size |
| CWE-326 | C/C++ | cpp/weak-asymmetric-key-gen-size | Weak asymmetric key generation key size (< 2048 bits) |
| CWE-327 | C/C++ | cpp/boost/use-of-deprecated-hardcoded-security-protocol | boost::asio use of deprecated hardcoded protocol |
| CWE-327 | C/C++ | cpp/weak-cryptographic-algorithm | Use of a broken or risky cryptographic algorithm |
| CWE-327 | C/C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE-327 | C/C++ | cpp/weak-block-mode | Weak block mode |
| CWE-327 | C/C++ | cpp/weak-elliptic-curve | Weak elliptic curve |
| CWE-327 | C/C++ | cpp/weak-crypto/banned-encryption-algorithms | Weak cryptography |
| CWE-327 | C/C++ | cpp/weak-crypto/banned-hash-algorithms | Weak cryptography |
| CWE-345 | C/C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE-359 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-359 | C/C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE-362 | C/C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE-362 | C/C++ | cpp/linux-kernel-double-fetch-vulnerability | Linux kernel double-fetch vulnerability detection |
| CWE-367 | C/C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE-369 | C/C++ | cpp/divide-by-zero-using-return-value | Divide by zero using return value |
| CWE-377 | C/C++ | cpp/insecure-generation-of-filename | Insecure generation of filenames. |
| CWE-390 | C/C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE-398 | C/C++ | cpp/unused-local-variable | Unused local variable |
| CWE-398 | C/C++ | cpp/unused-static-function | Unused static function |
| CWE-398 | C/C++ | cpp/unused-static-variable | Unused static variable |
| CWE-398 | C/C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE-398 | C/C++ | cpp/dead-code-function | Function is never called |
| CWE-398 | C/C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE-398 | C/C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE-398 | C/C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE-398 | C/C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE-398 | C/C++ | cpp/fixme-comment | FIXME comment |
| CWE-398 | C/C++ | cpp/todo-comment | TODO comment |
| CWE-398 | C/C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE-398 | C/C++ | cpp/useless-expression | Expression has no effect |
| CWE-398 | C/C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE-398 | C/C++ | cpp/suspicious-call-to-memset | Suspicious call to memset |
| CWE-398 | C/C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE-398 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-398 | C/C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE-398 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-398 | C/C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE-398 | C/C++ | cpp/dangerous-cin | Dangerous use of 'cin' |
| CWE-398 | C/C++ | cpp/potentially-dangerous-function | Use of potentially dangerous function |
| CWE-398 | C/C++ | cpp/deref-null-result | Null dereference from a function result |
| CWE-398 | C/C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE-398 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-398 | C/C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE-400 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-400 | C/C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE-400 | C/C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE-400 | C/C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE-400 | C/C++ | cpp/file-never-closed | Open file is not closed |
| CWE-400 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-400 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-400 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-400 | C/C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE-400 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-400 | C/C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE-401 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-401 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-401 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-401 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-401 | C/C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE-404 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-404 | C/C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE-404 | C/C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE-404 | C/C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE-404 | C/C++ | cpp/file-never-closed | Open file is not closed |
| CWE-404 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-404 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-404 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-404 | C/C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE-404 | C/C++ | cpp/resource-not-released-in-destructor | Resource not released in destructor |
| CWE-405 | C/C++ | cpp/data-decompression-bomb | User-controlled file decompression |
| CWE-409 | C/C++ | cpp/data-decompression-bomb | User-controlled file decompression |
| CWE-415 | C/C++ | cpp/double-free | Potential double free |
| CWE-415 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-415 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-416 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-416 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-416 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-416 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-416 | C/C++ | cpp/use-after-expired-lifetime | Use of object after its lifetime has ended |
| CWE-428 | C/C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE-435 | C/C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE-456 | C/C++ | cpp/initialization-not-run | Initialization code not run |
| CWE-457 | C/C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE-457 | C/C++ | cpp/not-initialised | Variable not initialized before use |
| CWE-457 | C/C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE-457 | C/C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE-467 | C/C++ | cpp/suspicious-sizeof | Suspicious 'sizeof' use |
| CWE-468 | C/C++ | cpp/suspicious-pointer-scaling | Suspicious pointer scaling |
| CWE-468 | C/C++ | cpp/incorrect-pointer-scaling-char | Suspicious pointer scaling to char |
| CWE-468 | C/C++ | cpp/suspicious-pointer-scaling-void | Suspicious pointer scaling to void |
| CWE-468 | C/C++ | cpp/suspicious-add-sizeof | Suspicious add with sizeof |
| CWE-476 | C/C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE-476 | C/C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE-476 | C/C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE-476 | C/C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE-476 | C/C++ | cpp/deref-null-result | Null dereference from a function result |
| CWE-476 | C/C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE-476 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-478 | C/C++ | cpp/missing-case-in-switch | Missing enum case in switch |
| CWE-478 | C/C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE-480 | C/C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE-480 | C/C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE-480 | C/C++ | cpp/incorrect-not-operator-usage | Incorrect 'not' operator usage |
| CWE-480 | C/C++ | cpp/logical-operator-applied-to-flag | Short-circuiting operator applied to flag |
| CWE-480 | C/C++ | cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations | Operator Precedence Logic Error When Use Bitwise Or Logical Operations |
| CWE-480 | C/C++ | cpp/operator-precedence-logic-error-when-use-bool-type | Operator Precedence Logic Error When Use Bool Type |
| CWE-481 | C/C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE-482 | C/C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE-497 | C/C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE-497 | C/C++ | cpp/potential-system-data-exposure | Potential exposure of sensitive system data to an unauthorized control sphere |
| CWE-522 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-546 | C/C++ | cpp/fixme-comment | FIXME comment |
| CWE-546 | C/C++ | cpp/todo-comment | TODO comment |
| CWE-560 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-561 | C/C++ | cpp/unused-static-function | Unused static function |
| CWE-561 | C/C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE-561 | C/C++ | cpp/dead-code-function | Function is never called |
| CWE-561 | C/C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE-561 | C/C++ | cpp/useless-expression | Expression has no effect |
| CWE-561 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-561 | C/C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE-563 | C/C++ | cpp/unused-local-variable | Unused local variable |
| CWE-563 | C/C++ | cpp/unused-static-variable | Unused static variable |
| CWE-563 | C/C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE-570 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-573 | C/C++ | cpp/double-free | Potential double free |
| CWE-573 | C/C++ | cpp/incorrectly-checked-scanf | Incorrect return-value check for a 'scanf'-like function |
| CWE-573 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-573 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-573 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-573 | C/C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE-573 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-573 | C/C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE-573 | C/C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE-573 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-573 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-573 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-573 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE-573 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-573 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-573 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks. |
| CWE-573 | C/C++ | cpp/double-release | Errors When Double Release |
| CWE-592 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-610 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-610 | C/C++ | cpp/external-entity-expansion | XML external entity expansion |
| CWE-611 | C/C++ | cpp/external-entity-expansion | XML external entity expansion |
| CWE-628 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-628 | C/C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE-628 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-628 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE-642 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-662 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-662 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-662 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-664 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-664 | C/C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE-664 | C/C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE-664 | C/C++ | cpp/double-free | Potential double free |
| CWE-664 | C/C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE-664 | C/C++ | cpp/file-never-closed | Open file is not closed |
| CWE-664 | C/C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE-664 | C/C++ | cpp/initialization-not-run | Initialization code not run |
| CWE-664 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-664 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-664 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-664 | C/C++ | cpp/not-initialised | Variable not initialized before use |
| CWE-664 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-664 | C/C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE-664 | C/C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE-664 | C/C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE-664 | C/C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE-664 | C/C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE-664 | C/C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE-664 | C/C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE-664 | C/C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE-664 | C/C++ | cpp/self-assignment-check | Self assignment check |
| CWE-664 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-664 | C/C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE-664 | C/C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE-664 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-664 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-664 | C/C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE-664 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-664 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-664 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-664 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-664 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-664 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-664 | C/C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE-664 | C/C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE-664 | C/C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE-664 | C/C++ | cpp/potential-system-data-exposure | Potential exposure of sensitive system data to an unauthorized control sphere |
| CWE-664 | C/C++ | cpp/external-entity-expansion | XML external entity expansion |
CWE-664C/C++cpp/incorrect-string-type-conversionCast from char to wchar_t
CWE-664C/C++cpp/world-writable-file-creationFile created without restricting permissions
CWE-664C/C++cpp/open-call-with-mode-argumentFile opened with O_CREAT flag but without mode argument
CWE-664C/C++cpp/unsafe-dacl-security-descriptorSetting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-664C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-664C/C++cpp/twice-lockedMutex locked twice
CWE-664C/C++cpp/unreleased-lockLock may not be released
CWE-664C/C++cpp/type-confusionType confusion
CWE-664C/C++cpp/work-with-file-without-permissions-rightsWriting to a file without setting permissions.
CWE-664C/C++cpp/work-with-changing-working-directoriesFind work with changing working directories, with security errors.
CWE-664C/C++cpp/wrong-use-of-the-umaskFind the wrong use of the umask function.
CWE-664C/C++cpp/drop-linux-privileges-outoforderLinuxPrivilegeDroppingOutoforder
CWE-664C/C++cpp/pam-auth-bypassPAM Authorization bypass
CWE-664C/C++cpp/private-cleartext-writeExposure of private information
CWE-664C/C++cpp/insecure-generation-of-filenameInsecure generation of filenames.
CWE-664C/C++cpp/memory-leak-on-failed-call-to-reallocMemory leak on failed call to realloc
CWE-664C/C++cpp/data-decompression-bombUser-controlled file decompression
CWE-664C/C++cpp/experimental-double-freeErrors When Double Free
CWE-664C/C++cpp/use-after-expired-lifetimeUse of object after its lifetime has ended
CWE-664C/C++cpp/dangerous-use-of-exception-blocksDangerous use of exception blocks.
CWE-664C/C++cpp/double-releaseErrors When Double Release
CWE-664C/C++cpp/improper-check-return-value-scanfImproper check of return value of scanf
CWE-664C/C++cpp/resource-not-released-in-destructorResource not released in destructor
CWE-665C/C++cpp/global-use-before-initGlobal variable may be used before initialization
CWE-665C/C++cpp/initialization-not-runInitialization code not run
CWE-665C/C++cpp/not-initialisedVariable not initialized before use
CWE-665C/C++cpp/alloca-in-loopCall to alloca in a loop
CWE-665C/C++cpp/improper-null-terminationPotential improper null termination
CWE-665C/C++cpp/uninitialized-localPotentially uninitialized local variable
CWE-665C/C++cpp/uncontrolled-allocation-sizeUncontrolled allocation size
CWE-665C/C++cpp/conditionally-uninitialized-variableConditionally uninitialized variable
CWE-666C/C++cpp/double-freePotential double free
CWE-666C/C++cpp/use-after-freePotential use after free
CWE-666C/C++cpp/return-stack-allocated-memoryReturning stack-allocated memory
CWE-666C/C++cpp/using-expired-stack-addressUse of expired stack-address
CWE-666C/C++cpp/self-assignment-checkSelf assignment check
CWE-666C/C++cpp/iterator-to-expired-containerIterator to expired container
CWE-666C/C++cpp/use-of-string-after-lifetime-endsUse of string after lifetime ends
CWE-666C/C++cpp/use-of-unique-pointer-after-lifetime-endsUse of unique pointer after lifetime ends
CWE-666C/C++cpp/experimental-double-freeErrors When Double Free
CWE-666C/C++cpp/use-after-expired-lifetimeUse of object after its lifetime has ended
CWE-666C/C++cpp/dangerous-use-of-exception-blocksDangerous use of exception blocks.
CWE-666C/C++cpp/double-releaseErrors When Double Release
CWE-667C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-667C/C++cpp/twice-lockedMutex locked twice
CWE-667C/C++cpp/unreleased-lockLock may not be released
CWE-668C/C++cpp/path-injectionUncontrolled data used in path expression
CWE-668C/C++cpp/cleartext-storage-fileCleartext storage of sensitive information in file
CWE-668C/C++cpp/cleartext-transmissionCleartext transmission of sensitive information
CWE-668C/C++cpp/unsafe-create-process-callNULL application name with an unquoted path in call to CreateProcess
CWE-668C/C++cpp/system-data-exposureExposure of system data to an unauthorized control sphere
CWE-668C/C++cpp/potential-system-data-exposurePotential exposure of sensitive system data to an unauthorized control sphere
CWE-668C/C++cpp/world-writable-file-creationFile created without restricting permissions
CWE-668C/C++cpp/open-call-with-mode-argumentFile opened with O_CREAT flag but without mode argument
CWE-668C/C++cpp/unsafe-dacl-security-descriptorSetting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-668C/C++cpp/work-with-file-without-permissions-rightsWriting to a file without setting permissions.
CWE-668C/C++cpp/wrong-use-of-the-umaskFind the wrong use of the umask function.
CWE-668C/C++cpp/private-cleartext-writeExposure of private information
CWE-668C/C++cpp/insecure-generation-of-filenameInsecure generation of filenames.
CWE-669C/C++cpp/work-with-changing-working-directoriesFind work with changing working directories, with security errors.
CWE-670C/C++cpp/comma-before-misleading-indentationComma before misleading indentation
CWE-670C/C++cpp/assign-where-compare-meantAssignment where comparison was intended
CWE-670C/C++cpp/compare-where-assign-meantComparison where assignment was intended
CWE-670C/C++cpp/incorrect-not-operator-usageIncorrect 'not' operator usage
CWE-670C/C++cpp/logical-operator-applied-to-flagShort-circuiting operator applied to flag
CWE-670C/C++cpp/unsafe-use-of-thisUnsafe use of this in constructor
CWE-670C/C++cpp/dangerous-use-of-ssl-shutdownDangerous use SSL_shutdown.
CWE-670C/C++cpp/operator-precedence-logic-error-when-use-bitwise-logical-operationsOperator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-670C/C++cpp/operator-precedence-logic-error-when-use-bool-typeOperator Precedence Logic Error When Use Bool Type
CWE-672C/C++cpp/double-freePotential double free
CWE-672C/C++cpp/use-after-freePotential use after free
CWE-672C/C++cpp/return-stack-allocated-memoryReturning stack-allocated memory
CWE-672C/C++cpp/using-expired-stack-addressUse of expired stack-address
CWE-672C/C++cpp/iterator-to-expired-containerIterator to expired container
CWE-672C/C++cpp/use-of-string-after-lifetime-endsUse of string after lifetime ends
CWE-672C/C++cpp/use-of-unique-pointer-after-lifetime-endsUse of unique pointer after lifetime ends
CWE-672C/C++cpp/experimental-double-freeErrors When Double Free
CWE-672C/C++cpp/use-after-expired-lifetimeUse of object after its lifetime has ended
CWE-672C/C++cpp/dangerous-use-of-exception-blocksDangerous use of exception blocks.
CWE-675C/C++cpp/double-freePotential double free
CWE-675C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-675C/C++cpp/twice-lockedMutex locked twice
CWE-675C/C++cpp/unreleased-lockLock may not be released
CWE-675C/C++cpp/experimental-double-freeErrors When Double Free
CWE-675C/C++cpp/dangerous-use-of-exception-blocksDangerous use of exception blocks.
CWE-675C/C++cpp/double-releaseErrors When Double Release
CWE-676C/C++cpp/bad-strncpy-sizePossibly wrong buffer size in string copy
CWE-676C/C++cpp/suspicious-call-to-memsetSuspicious call to memset
CWE-676C/C++cpp/unsafe-strncatPotentially unsafe call to strncat
CWE-676C/C++cpp/unsafe-strcatPotentially unsafe use of strcat
CWE-676C/C++cpp/dangerous-function-overflowUse of dangerous function
CWE-676C/C++cpp/dangerous-cinDangerous use of 'cin'
CWE-676C/C++cpp/potentially-dangerous-functionUse of potentially dangerous function
CWE-681C/C++cpp/bad-addition-overflow-checkBad check for overflow of integer addition
CWE-681C/C++cpp/integer-multiplication-cast-to-longMultiplication result converted to larger type
CWE-681C/C++cpp/comparison-with-wider-typeComparison of narrow type with wide type in loop condition
CWE-681C/C++cpp/integer-overflow-taintedPotential integer arithmetic overflow
CWE-682C/C++cpp/overflow-calculatedBuffer not sufficient for string
CWE-682C/C++cpp/overflow-destinationCopy function using source size
CWE-682C/C++cpp/static-buffer-overflowStatic array access may cause overflow
CWE-682C/C++cpp/allocation-too-smallNot enough memory allocated for pointer type
CWE-682C/C++cpp/suspicious-allocation-sizeNot enough memory allocated for array of pointer type
CWE-682C/C++cpp/ambiguously-signed-bit-fieldAmbiguously signed bit-field member
CWE-682C/C++cpp/bad-addition-overflow-checkBad check for overflow of integer addition
CWE-682C/C++cpp/integer-multiplication-cast-to-longMultiplication result converted to larger type
CWE-682C/C++cpp/signed-overflow-checkSigned overflow check
CWE-682C/C++cpp/overflowing-snprintfPotentially overflowing call to snprintf
CWE-682C/C++cpp/suspicious-sizeofSuspicious 'sizeof' use
CWE-682C/C++cpp/overrun-writeOverrunning write
CWE-682C/C++cpp/no-space-for-terminatorNo space for zero terminator
CWE-682C/C++cpp/tainted-arithmeticUser-controlled data in arithmetic expression
CWE-682C/C++cpp/uncontrolled-arithmeticUncontrolled data in arithmetic expression
CWE-682C/C++cpp/arithmetic-with-extreme-valuesUse of extreme values in arithmetic expression
CWE-682C/C++cpp/comparison-with-wider-typeComparison of narrow type with wide type in loop condition
CWE-682C/C++cpp/integer-overflow-taintedPotential integer arithmetic overflow
CWE-682C/C++cpp/uncontrolled-allocation-sizeUncontrolled allocation size
CWE-682C/C++cpp/unsigned-difference-expression-compared-zeroUnsigned difference expression compared to zero
CWE-682C/C++cpp/invalid-pointer-derefInvalid pointer dereference
CWE-682C/C++cpp/suspicious-pointer-scalingSuspicious pointer scaling
CWE-682C/C++cpp/incorrect-pointer-scaling-charSuspicious pointer scaling to char
CWE-682C/C++cpp/suspicious-pointer-scaling-voidSuspicious pointer scaling to void
CWE-682C/C++cpp/suspicious-add-sizeofSuspicious add with sizeof
CWE-682C/C++cpp/multiplication-overflow-in-allocMultiplication result may overflow and be used in allocation
CWE-682C/C++cpp/dangerous-use-of-transformation-after-operationDangerous use of transformation after operation.
CWE-682C/C++cpp/divide-by-zero-using-return-valueDivide by zero using return value
CWE-682C/C++cpp/signed-bit-fieldPossible signed bit-field member
CWE-685C/C++cpp/wrong-number-format-argumentsToo few arguments to formatting function
CWE-685C/C++cpp/too-few-argumentsCall to function with fewer arguments than declared parameters
CWE-686C/C++cpp/wrong-type-format-argumentWrong type of arguments to formatting function
CWE-687C/C++cpp/wrong-use-of-the-umaskFind the wrong use of the umask function.
CWE-691C/C++cpp/comma-before-misleading-indentationComma before misleading indentation
CWE-691C/C++cpp/assign-where-compare-meantAssignment where comparison was intended
CWE-691C/C++cpp/compare-where-assign-meantComparison where assignment was intended
CWE-691C/C++cpp/incorrect-not-operator-usageIncorrect 'not' operator usage
CWE-691C/C++cpp/logical-operator-applied-to-flagShort-circuiting operator applied to flag
CWE-691C/C++cpp/inconsistent-loop-directionInconsistent direction of for loop
CWE-691C/C++cpp/unsafe-use-of-thisUnsafe use of this in constructor
CWE-691C/C++cpp/comparison-with-wider-typeComparison of narrow type with wide type in loop condition
CWE-691C/C++cpp/toctou-race-conditionTime-of-check time-of-use filesystem race condition
CWE-691C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-691C/C++cpp/twice-lockedMutex locked twice
CWE-691C/C++cpp/unreleased-lockLock may not be released
CWE-691C/C++cpp/infinite-loop-with-unsatisfiable-exit-conditionInfinite loop with unsatisfiable exit condition
CWE-691C/C++cpp/linux-kernel-double-fetch-vulnerabilityLinux kernel double-fetch vulnerability detection
CWE-691C/C++cpp/operator-find-incorrectly-used-switchIncorrect switch statement
CWE-691C/C++cpp/dangerous-use-of-ssl-shutdownDangerous use SSL_shutdown.
CWE-691C/C++cpp/errors-after-refactoringErrors After Refactoring
CWE-691C/C++cpp/errors-when-using-bit-operationsErrors When Using Bit Operations
CWE-691C/C++cpp/operator-find-incorrectly-used-exceptionsOperator Find Incorrectly Used Exceptions
CWE-691C/C++cpp/operator-precedence-logic-error-when-use-bitwise-logical-operationsOperator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-691C/C++cpp/operator-precedence-logic-error-when-use-bool-typeOperator Precedence Logic Error When Use Bool Type
CWE-693C/C++cpp/boost/tls-settings-misconfigurationboost::asio TLS settings misconfiguration
CWE-693C/C++cpp/boost/use-of-deprecated-hardcoded-security-protocolboost::asio use of deprecated hardcoded protocol
CWE-693C/C++cpp/count-untrusted-data-external-apiFrequency counts for external APIs that are used with untrusted data
CWE-693C/C++cpp/count-untrusted-data-external-api-irFrequency counts for external APIs that are used with untrusted data
CWE-693C/C++cpp/untrusted-data-to-external-api-irUntrusted data passed to external API
CWE-693C/C++cpp/untrusted-data-to-external-apiUntrusted data passed to external API
CWE-693C/C++cpp/uncontrolled-process-operationUncontrolled process operation
CWE-693C/C++cpp/unclear-array-index-validationUnclear validation of array index
CWE-693C/C++cpp/uncontrolled-allocation-sizeUncontrolled allocation size
CWE-693C/C++cpp/user-controlled-bypassAuthentication bypass by spoofing
CWE-693C/C++cpp/certificate-result-conflationCertificate result conflation
CWE-693C/C++cpp/certificate-not-checkedCertificate not checked
CWE-693C/C++cpp/cleartext-storage-bufferCleartext storage of sensitive information in buffer
CWE-693C/C++cpp/cleartext-storage-fileCleartext storage of sensitive information in file
CWE-693C/C++cpp/cleartext-transmissionCleartext transmission of sensitive information
CWE-693C/C++cpp/cleartext-storage-databaseCleartext storage of sensitive information in an SQLite database
CWE-693C/C++cpp/non-https-urlFailure to use HTTPS URLs
CWE-693C/C++cpp/insufficient-key-sizeUse of a cryptographic algorithm with insufficient key size
CWE-693C/C++cpp/weak-cryptographic-algorithmUse of a broken or risky cryptographic algorithm
CWE-693C/C++cpp/openssl-heartbleedUse of a version of OpenSSL with Heartbleed
CWE-693C/C++cpp/world-writable-file-creationFile created without restricting permissions
CWE-693C/C++cpp/open-call-with-mode-argumentFile opened with O_CREAT flag but without mode argument
CWE-693C/C++cpp/unsafe-dacl-security-descriptorSetting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-693C/C++cpp/tainted-permissions-checkUntrusted input for a condition
CWE-693C/C++cpp/late-check-of-function-argumentLate Check Of Function Argument
CWE-693C/C++cpp/linux-kernel-no-check-before-unsafe-put-userLinux kernel no check before unsafe_put_user vulnerability detection
CWE-693C/C++cpp/wrong-use-of-the-umaskFind the wrong use of the umask function.
CWE-693C/C++cpp/drop-linux-privileges-outoforderLinuxPrivilegeDroppingOutoforder
CWE-693C/C++cpp/pam-auth-bypassPAM Authorization bypass
CWE-693C/C++cpp/curl-disabled-sslDisabled certificate verification
CWE-693C/C++cpp/unknown-asymmetric-key-gen-sizeUnknown key generation key size
CWE-693C/C++cpp/weak-asymmetric-key-gen-sizeWeak asymmetric key generation key size (< 2048 bits)
CWE-693C/C++cpp/weak-block-modeWeak block mode
CWE-693C/C++cpp/weak-elliptic-curveWeak elliptic curve
CWE-693C/C++cpp/weak-crypto/banned-encryption-algorithmsWeak cryptography
CWE-693C/C++cpp/weak-crypto/banned-hash-algorithmsWeak cryptography
CWE-697C/C++cpp/missing-case-in-switchMissing enum case in switch
CWE-697C/C++cpp/operator-find-incorrectly-used-switchIncorrect switch statement
CWE-703C/C++cpp/incorrectly-checked-scanfIncorrect return-value check for a 'scanf'-like function
CWE-703C/C++cpp/missing-check-scanfMissing return-value check for a 'scanf'-like function
CWE-703C/C++cpp/return-value-ignoredReturn value of a function is ignored
CWE-703C/C++cpp/overflowing-snprintfPotentially overflowing call to snprintf
CWE-703C/C++cpp/wrong-number-format-argumentsToo few arguments to formatting function
CWE-703C/C++cpp/inconsistent-call-on-resultInconsistent operation on return value
CWE-703C/C++cpp/too-few-argumentsCall to function with fewer arguments than declared parameters
CWE-703C/C++cpp/ignore-return-value-salSAL requires inspecting return value
CWE-703C/C++cpp/hresult-boolean-conversionCast between HRESULT and a Boolean type
CWE-703C/C++cpp/incorrect-allocation-error-handlingIncorrect allocation-error handling
CWE-703C/C++cpp/work-with-changing-working-directoriesFind work with changing working directories, with security errors.
CWE-703C/C++cpp/drop-linux-privileges-outoforderLinuxPrivilegeDroppingOutoforder
CWE-703C/C++cpp/operator-find-incorrectly-used-exceptionsOperator Find Incorrectly Used Exceptions
CWE-703C/C++cpp/improper-check-return-value-scanfImproper check of return value of scanf
CWE-704C/C++cpp/bad-addition-overflow-checkBad check for overflow of integer addition
CWE-704C/C++cpp/integer-multiplication-cast-to-longMultiplication result converted to larger type
CWE-704C/C++cpp/upcast-array-pointer-arithmeticUpcast array used in pointer arithmetic
CWE-704C/C++cpp/comparison-with-wider-typeComparison of narrow type with wide type in loop condition
CWE-704C/C++cpp/integer-overflow-taintedPotential integer arithmetic overflow
CWE-704C/C++cpp/incorrect-string-type-conversionCast from char to wchar_t
CWE-704C/C++cpp/type-confusionType confusion
CWE-705C/C++cpp/operator-find-incorrectly-used-exceptionsOperator Find Incorrectly Used Exceptions
CWE-706C/C++cpp/path-injectionUncontrolled data used in path expression
CWE-707C/C++cpp/non-constant-formatNon-constant format string
CWE-707C/C++cpp/wrong-number-format-argumentsToo few arguments to formatting function
CWE-707C/C++cpp/improper-null-terminationPotential improper null termination
CWE-707C/C++cpp/too-few-argumentsCall to function with fewer arguments than declared parameters
CWE-707C/C++cpp/command-line-injectionUncontrolled data used in OS command
CWE-707C/C++cpp/cgi-xssCGI script vulnerable to cross-site scripting
CWE-707C/C++cpp/sql-injectionUncontrolled data in SQL query
CWE-707C/C++cpp/tainted-format-stringUncontrolled format string
CWE-707C/C++cpp/user-controlled-null-termination-taintedUser-controlled data may not be null terminated
CWE-707C/C++cpp/wordexp-injectionUncontrolled data used in wordexp command
CWE-710C/C++cpp/unused-local-variableUnused local variable
CWE-710C/C++cpp/unused-static-functionUnused static function
CWE-710C/C++cpp/unused-static-variableUnused static variable
CWE-710C/C++cpp/dead-code-conditionBranching condition always evaluates to same value
CWE-710C/C++cpp/dead-code-functionFunction is never called
CWE-710C/C++cpp/dead-code-gotoDead code due to goto or break statement
CWE-710C/C++cpp/double-freePotential double free
CWE-710C/C++cpp/inconsistent-nullness-testingInconsistent null check of pointer
CWE-710C/C++cpp/incorrectly-checked-scanfIncorrect return-value check for a 'scanf'-like function
CWE-710C/C++cpp/missing-check-scanfMissing return-value check for a 'scanf'-like function
CWE-710C/C++cpp/missing-null-testReturned pointer not checked
CWE-710C/C++cpp/unused-variableVariable is assigned a value that is never read
CWE-710C/C++cpp/fixme-commentFIXME comment
CWE-710C/C++cpp/todo-commentTODO comment
CWE-710C/C++cpp/overflowing-snprintfPotentially overflowing call to snprintf
CWE-710C/C++cpp/wrong-number-format-argumentsToo few arguments to formatting function
CWE-710C/C++cpp/wrong-type-format-argumentWrong type of arguments to formatting function
CWE-710C/C++cpp/inconsistent-null-checkInconsistent nullness check
CWE-710C/C++cpp/useless-expressionExpression has no effect
CWE-710C/C++cpp/pointer-overflow-checkPointer overflow check
CWE-710C/C++cpp/bad-strncpy-sizePossibly wrong buffer size in string copy
CWE-710C/C++cpp/suspicious-call-to-memsetSuspicious call to memset
CWE-710C/C++cpp/unsafe-strncatPotentially unsafe call to strncat
CWE-710C/C++cpp/unsafe-strcatPotentially unsafe use of strcat
CWE-710C/C++cpp/redundant-null-check-simpleRedundant null check due to previous dereference
CWE-710C/C++cpp/too-few-argumentsCall to function with fewer arguments than declared parameters
CWE-710C/C++cpp/ignore-return-value-salSAL requires inspecting return value
CWE-710C/C++cpp/memset-may-be-deletedCall to memset may be deleted
CWE-710C/C++cpp/hresult-boolean-conversionCast between HRESULT and a Boolean type
CWE-710C/C++cpp/incorrect-allocation-error-handlingIncorrect allocation-error handling
CWE-710C/C++cpp/dangerous-function-overflowUse of dangerous function
CWE-710C/C++cpp/dangerous-cinDangerous use of 'cin'
CWE-710C/C++cpp/potentially-dangerous-functionUse of potentially dangerous function
CWE-710C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-710C/C++cpp/twice-lockedMutex locked twice
CWE-710C/C++cpp/unreleased-lockLock may not be released
CWE-710C/C++cpp/deref-null-resultNull dereference from a function result
CWE-710C/C++cpp/redundant-null-check-paramRedundant null check or missing null check of parameter
CWE-710C/C++cpp/work-with-changing-working-directoriesFind work with changing working directories, with security errors.
CWE-710C/C++cpp/wrong-use-of-the-umaskFind the wrong use of the umask function.
CWE-710C/C++cpp/experimental-double-freeErrors When Double Free
CWE-710C/C++cpp/dangerous-use-of-exception-blocksDangerous use of exception blocks.
CWE-710C/C++cpp/operator-find-incorrectly-used-switchIncorrect switch statement
CWE-710C/C++cpp/double-releaseErrors When Double Release
CWE-710C/C++cpp/errors-of-undefined-program-behaviorErrors Of Undefined Program Behavior
CWE-732C/C++cpp/world-writable-file-creationFile created without restricting permissions
CWE-732C/C++cpp/open-call-with-mode-argumentFile opened with O_CREAT flag but without mode argument
CWE-732C/C++cpp/unsafe-dacl-security-descriptorSetting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-733C/C++cpp/memset-may-be-deletedCall to memset may be deleted
CWE-754C/C++cpp/incorrectly-checked-scanfIncorrect return-value check for a 'scanf'-like function
CWE-754C/C++cpp/missing-check-scanfMissing return-value check for a 'scanf'-like function
CWE-754C/C++cpp/return-value-ignoredReturn value of a function is ignored
CWE-754C/C++cpp/overflowing-snprintfPotentially overflowing call to snprintf
CWE-754C/C++cpp/inconsistent-call-on-resultInconsistent operation on return value
CWE-754C/C++cpp/ignore-return-value-salSAL requires inspecting return value
CWE-754C/C++cpp/hresult-boolean-conversionCast between HRESULT and a Boolean type
CWE-754C/C++cpp/incorrect-allocation-error-handlingIncorrect allocation-error handling
CWE-754C/C++cpp/work-with-changing-working-directoriesFind work with changing working directories, with security errors.
CWE-754C/C++cpp/drop-linux-privileges-outoforderLinuxPrivilegeDroppingOutoforder
CWE-754C/C++cpp/improper-check-return-value-scanfImproper check of return value of scanf
CWE-755C/C++cpp/incorrect-allocation-error-handlingIncorrect allocation-error handling
CWE-755C/C++cpp/operator-find-incorrectly-used-exceptionsOperator Find Incorrectly Used Exceptions
CWE-758C/C++cpp/pointer-overflow-checkPointer overflow check
CWE-758C/C++cpp/memset-may-be-deletedCall to memset may be deleted
CWE-758C/C++cpp/errors-of-undefined-program-behaviorErrors Of Undefined Program Behavior
CWE-764C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-764C/C++cpp/twice-lockedMutex locked twice
CWE-764C/C++cpp/unreleased-lockLock may not be released
CWE-770C/C++cpp/alloca-in-loopCall to alloca in a loop
CWE-770C/C++cpp/uncontrolled-allocation-sizeUncontrolled allocation size
CWE-772C/C++cpp/catch-missing-freeLeaky catch
CWE-772C/C++cpp/descriptor-may-not-be-closedOpen descriptor may not be closed
CWE-772C/C++cpp/descriptor-never-closedOpen descriptor never closed
CWE-772C/C++cpp/file-may-not-be-closedOpen file may not be closed
CWE-772C/C++cpp/file-never-closedOpen file is not closed
CWE-772C/C++cpp/memory-may-not-be-freedMemory may not be freed
CWE-772C/C++cpp/memory-never-freedMemory is never freed
CWE-772C/C++cpp/new-free-mismatchMismatching new/free or malloc/delete
CWE-772C/C++cpp/memory-leak-on-failed-call-to-reallocMemory leak on failed call to realloc
CWE-775C/C++cpp/descriptor-may-not-be-closedOpen descriptor may not be closed
CWE-775C/C++cpp/descriptor-never-closedOpen descriptor never closed
CWE-775C/C++cpp/file-may-not-be-closedOpen file may not be closed
CWE-775C/C++cpp/file-never-closedOpen file is not closed
CWE-783C/C++cpp/operator-precedence-logic-error-when-use-bitwise-logical-operationsOperator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-783C/C++cpp/operator-precedence-logic-error-when-use-bool-typeOperator Precedence Logic Error When Use Bool Type
CWE-787C/C++cpp/allocation-too-smallNot enough memory allocated for pointer type
CWE-787C/C++cpp/suspicious-allocation-sizeNot enough memory allocated for array of pointer type
CWE-787C/C++cpp/overflow-bufferCall to memory access function may overflow buffer
CWE-787C/C++cpp/badly-bounded-writeBadly bounded write
CWE-787C/C++cpp/overrunning-writePotentially overrunning write
CWE-787C/C++cpp/overrunning-write-with-floatPotentially overrunning write with float to string conversion
CWE-787C/C++cpp/unbounded-writeUnbounded write
CWE-787C/C++cpp/very-likely-overrunning-writeLikely overrunning write
CWE-787C/C++cpp/unterminated-variadic-callUnterminated variadic call
CWE-787C/C++cpp/no-space-for-terminatorNo space for zero terminator
CWE-787C/C++cpp/invalid-pointer-derefInvalid pointer dereference
CWE-787C/C++cpp/sign-conversion-pointer-arithmeticunsigned to signed used in pointer arithmetic
CWE-788C/C++cpp/allocation-too-smallNot enough memory allocated for pointer type
CWE-788C/C++cpp/suspicious-allocation-sizeNot enough memory allocated for array of pointer type
CWE-788C/C++cpp/unsafe-strncatPotentially unsafe call to strncat
CWE-788C/C++cpp/overflow-bufferCall to memory access function may overflow buffer
CWE-788C/C++cpp/unterminated-variadic-callUnterminated variadic call
CWE-788C/C++cpp/no-space-for-terminatorNo space for zero terminator
CWE-788C/C++cpp/openssl-heartbleedUse of a version of OpenSSL with Heartbleed
CWE-788C/C++cpp/access-memory-location-after-end-buffer-strlenAccess Of Memory Location After End Of Buffer
CWE-789C/C++cpp/uncontrolled-allocation-sizeUncontrolled allocation size
CWE-805C/C++cpp/badly-bounded-writeBadly bounded write
CWE-805C/C++cpp/overrunning-writePotentially overrunning write
CWE-805C/C++cpp/overrunning-write-with-floatPotentially overrunning write with float to string conversion
CWE-805C/C++cpp/unbounded-writeUnbounded write
CWE-805C/C++cpp/very-likely-overrunning-writeLikely overrunning write
CWE-805C/C++cpp/buffer-access-with-incorrect-length-valueBuffer access with incorrect length value
CWE-807C/C++cpp/tainted-permissions-checkUntrusted input for a condition
CWE-823C/C++cpp/late-negative-testPointer offset used before it is checked
CWE-823C/C++cpp/missing-negativity-testUnchecked return value used as offset
CWE-825C/C++cpp/double-freePotential double free
CWE-825C/C++cpp/use-after-freePotential use after free
CWE-825C/C++cpp/return-stack-allocated-memoryReturning stack-allocated memory
CWE-825C/C++cpp/using-expired-stack-addressUse of expired stack-address
CWE-825C/C++cpp/iterator-to-expired-containerIterator to expired container
CWE-825C/C++cpp/use-of-string-after-lifetime-endsUse of string after lifetime ends
CWE-825C/C++cpp/use-of-unique-pointer-after-lifetime-endsUse of unique pointer after lifetime ends
CWE-825C/C++cpp/experimental-double-freeErrors When Double Free
CWE-825C/C++cpp/use-after-expired-lifetimeUse of object after its lifetime has ended
CWE-825C/C++cpp/dangerous-use-of-exception-blocksDangerous use of exception blocks.
CWE-826C/C++cpp/self-assignment-checkSelf assignment check
CWE-833C/C++cpp/lock-order-cycleCyclic lock order dependency
CWE-833C/C++cpp/twice-lockedMutex locked twice
CWE-833C/C++cpp/unreleased-lockLock may not be released
CWE-834C/C++cpp/inconsistent-loop-directionInconsistent direction of for loop
CWE-834C/C++cpp/comparison-with-wider-typeComparison of narrow type with wide type in loop condition
CWE-834C/C++cpp/infinite-loop-with-unsatisfiable-exit-conditionInfinite loop with unsatisfiable exit condition
CWE-835C/C++cpp/inconsistent-loop-directionInconsistent direction of for loop
CWE-835C/C++cpp/comparison-with-wider-typeComparison of narrow type with wide type in loop condition
CWE-835C/C++cpp/infinite-loop-with-unsatisfiable-exit-conditionInfinite loop with unsatisfiable exit condition
CWE-843C/C++cpp/upcast-array-pointer-arithmeticUpcast array used in pointer arithmetic
CWE-843C/C++cpp/type-confusionType confusion
CWE-908C/C++cpp/improper-check-return-value-scanfImproper check of return value of scanf
CWE-909C/C++cpp/initialization-not-runInitialization code not run
CWE-922C/C++cpp/cleartext-storage-bufferCleartext storage of sensitive information in buffer
CWE-922C/C++cpp/cleartext-storage-fileCleartext storage of sensitive information in file
CWE-922C/C++cpp/cleartext-storage-databaseCleartext storage of sensitive information in an SQLite database
CWE-943C/C++cpp/sql-injectionUncontrolled data in SQL query
CWE-1041C/C++cpp/call-to-function-without-wrapperMissed opportunity to call wrapper function
CWE-1078C/C++cpp/comma-before-misleading-indentationComma before misleading indentation
CWE-1126C/C++cpp/errors-when-using-variable-declaration-inside-loopErrors When Using Variable Declaration Inside Loop
CWE-1240C/C++cpp/crypto-primitiveImplementation of a cryptographic primitive
