BaseBase Access of Resource Using Incompatible Type ('Type Confusion') - (843)
BaseBase Addition of Data Structure Sentinel - (464)
VariantVariant Assigning instead of Comparing - (481)
BaseBase Assignment of a Fixed Address to a Pointer - (587)
VariantVariant Buffer Access Using Size of Source Buffer - (806)
BaseBase Buffer Access with Incorrect Length Value - (805)
BaseBase Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') - (120)
VariantVariant Buffer Over-read - (126)
VariantVariant Buffer Under-read - (127)
BaseBase Buffer Underwrite ('Buffer Underflow') - (124)
VariantVariant Comparing instead of Assigning - (482)
BaseBase Compiler Optimization Removal or Modification of Security-critical Code - (733)
BaseBase Compiler Removal of Code to Clear Buffers - (14)
ClassClass Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') - (362)
VariantVariant Creation of chroot Jail Without Changing Working Directory - (243)
BaseBase Deletion of Data Structure Sentinel - (463)
VariantVariant Double Free - (415)
BaseBase Duplicate Key in Associative List (Alist) - (462)
VariantVariant Exposed IOCTL with Insufficient Access Control - (782)
VariantVariant Function Call With Incorrect Number of Arguments - (685)
VariantVariant Function Call With Incorrect Variable or Reference as Argument - (688)
VariantVariant Heap-based Buffer Overflow - (122)
VariantVariant Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code - (781)
VariantVariant Improper Cleanup on Thrown Exception - (460)
VariantVariant Improper Clearing of Heap Memory Before Release ('Heap Inspection') - (244)
BaseBase Improper Handling of Length Parameter Inconsistency - (130)
BaseBase Improper Null Termination - (170)
BaseBase Improper Release of Memory Before Removing Last Reference ('Memory Leak') - (401)
ClassClass Improper Restriction of Operations within the Bounds of a Memory Buffer - (119)
BaseBase Improper Update of Reference Count - (911)
BaseBase Improper Validation of Array Index - (129)
VariantVariant Incorrect Block Delimitation - (483)
BaseBase Incorrect Calculation of Buffer Size - (131)
BaseBase Incorrect Calculation of Multi-Byte String Length - (135)
BaseBase Incorrect Pointer Scaling - (468)
ClassClass Incorrect Type Conversion or Cast - (704)
ClassClass Integer Coercion Error - (192)
BaseBase Integer Underflow (Wrap or Wraparound) - (191)
VariantVariant Mismatched Memory Management Routines - (762)
VariantVariant Missing Default Case in Switch Statement - (478)
BaseBase NULL Pointer Dereference - (476)
BaseBase Numeric Range Comparison Without Minimum Check - (839)
BaseBase Numeric Truncation Error - (197)
BaseBase Omitted Break Statement in Switch - (484)
VariantVariant Operator Precedence Logic Error - (783)
BaseBase Out-of-bounds Read - (125)
BaseBase Passing Mutable Objects to an Untrusted Method - (374)
CompositeComposite Permission Race Condition During Resource Copy - (689)
VariantVariant Private Array-Typed Field Returned From A Public Method - (495)
VariantVariant Public Data Assigned to Private Array-Typed Field - (496)
BaseBase Race Condition in Switch - (365)
BaseBase Race Condition within a Thread - (366)
BaseBase Reliance on Data/Memory Layout - (188)
BaseBase Return of Pointer Value Outside of Expected Range - (466)
BaseBase Return of Stack Variable Address - (562)
BaseBase Returning a Mutable Object to an Untrusted Caller - (375)
BaseBase Signal Handler Race Condition - (364)
VariantVariant Signal Handler Use of a Non-reentrant Function - (479)
VariantVariant Signed to Unsigned Conversion Error - (195)
VariantVariant Stack-based Buffer Overflow - (121)
ChainChain Unchecked Return Value to NULL Pointer Dereference - (690)
VariantVariant Uncontrolled Memory Allocation - (789)
BaseBase Unexpected Sign Extension - (194)
VariantVariant Unsigned to Signed Conversion Error - (196)
BaseBase Use After Free - (416)
BaseBase Use of Expired File Descriptor - (910)
BaseBase Use of Externally-Controlled Format String - (134)
BaseBase Use of Function with Inconsistent Implementations - (474)
VariantVariant Use of getlogin() in Multithreaded Application - (558)
BaseBase Use of Incorrect Operator - (480)
BaseBase Use of Inherently Dangerous Function - (242)
VariantVariant Use of Path Manipulation Function without Maximum-sized Buffer - (785)
BaseBase Use of Pointer Subtraction to Determine Size - (469)
BaseBase Use of Potentially Dangerous Function - (676)
VariantVariant Use of sizeof() on a Pointer Type - (467)
VariantVariant Use of umask() with chmod-style Argument - (560)
VariantVariant Use of Uninitialized Variable - (457)
BaseBase Wrap-around Error - (128)
BaseBase Write-what-where Condition - (123)