CWE - VIEW LIST: CWE-630: Weaknesses Examined by SAMATE (Draft 9)

Home > CWE List > VIEW LIST: CWE-630: Weaknesses Examined by SAMATE (Draft 9)

View the CWE List

CWE List
Full Dictionary View
Classification Tree
Reports

About
Sources
Process
Documents

Community
Related Activities
Discussion List
Research

News
Calendar
Free Newsletter

Compatibility
Program
Requirements
Declarations
Make a Declaration

Contact Us
Search the Site

Section Contents
CWE List
Full Dictionary View
Classification Tree
Reports
Other Items of Interest
Sources

(CWE-630)

View Definition

Key
- Weakness
- Base
- Variant
- Class
- Chain
- Composite
- Category
- View
- Deprecated

VIEW LIST: CWE-630: Weaknesses Examined by SAMATE (Draft 9)

View ID

Status: Draft

630 (View)

Objective

CWE nodes in this view (slice) are being focused on by SAMATE.

View Data

	CWEs in this view		Total CWEs
Total	21	out of	695
Views	0	out of	14
Categories	1	out of	64
Weaknesses	20	out of	605
Compound_Elements	0	out of	12

Origin

http://samate.nist.gov/index.php/Source_Code_Security_Analysis

Double Free - (415)

Failure to Clear Heap Memory Before Release - (244)

Failure to Release Memory Before Removing Last Reference (aka 'Memory Leak') - (401)

Failure to Sanitize Data into an OS Command (aka 'OS Command Injection') - (78)

Failure to Sanitize Data into SQL Queries (aka 'SQL Injection') - (89)

Failure to Sanitize Script-Related HTML Tags in a Web Page (Basic XSS) - (80)

Hard-Coded Password - (259)

Heap-based Buffer Overflow - (122)

Improper Null Termination - (170)

Incorrect Pointer Scaling - (468)

Insufficient Control of Resource Identifiers (aka 'Resource Injection') - (99)

Leftover Debug Code - (489)

NULL Pointer Dereference - (476)

Often Misused: String Management - (251)

Stack-based Buffer Overflow - (121)

Time-of-check Time-of-use Race Condition - (367)

Unchecked Error Condition - (391)

Uncontrolled Format String - (134)

Unrestricted Lock on Critical Resource - (412)

Use After Free - (416)

Use of Uninitialized Variable - (457)

Page Last Updated: April 11, 2008


	CWE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Copyright 2008, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us