CWE - VIEW LIST: CWE-635: Weaknesses Used by NVD (Draft 9)

Home > CWE List > VIEW LIST: CWE-635: Weaknesses Used by NVD (Draft 9)

View the CWE List

CWE List
Full Dictionary View
Classification Tree
Reports

About
Sources
Process
Documents

Community
Related Activities
Discussion List
Research

News
Calendar
Free Newsletter

Compatibility
Program
Requirements
Declarations
Make a Declaration

Contact Us
Search the Site

Section Contents
CWE List
Full Dictionary View
Classification Tree
Reports
Other Items of Interest
Sources

(CWE-635)

View Definition

Key
- Weakness
- Base
- Variant
- Class
- Chain
- Composite
- Category
- View
- Deprecated

VIEW LIST: CWE-635: Weaknesses Used by NVD (Draft 9)

View ID

Status: Draft

635 (View)

Objective

CWE nodes in this view (slice) are used by NIST to categorize vulnerabilities within NVD.

View Data

	CWEs in this view		Total CWEs
Total	19	out of	695
Views	0	out of	14
Categories	6	out of	64
Weaknesses	12	out of	605
Compound_Elements	1	out of	12

Code Injection - (94)

Configuration - (16)

Credentials Management - (255)

Cross-Site Request Forgery (CSRF) - (352)

Cryptographic Issues - (310)

Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer - (119)

Failure to Resolve Links Before File Access (aka 'Link Following') - (59)

Failure to Sanitize Data into an OS Command (aka 'OS Command Injection') - (78)

Failure to Sanitize Data into SQL Queries (aka 'SQL Injection') - (89)

Failure to Sanitize Directives in a Web Page (aka 'Cross-site scripting' (XSS)) - (79)

Information Leak (Information Disclosure) - (200)

Insufficient Authentication - (287)

Insufficient Input Validation - (20)

Numeric Errors - (189)

Path Traversal - (22)

Permissions, Privileges, and Access Controls - (264)

Race Condition - (362)

Resource Management Errors - (399)

Uncontrolled Format String - (134)

Page Last Updated: April 11, 2008


	CWE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Copyright 2008, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us