CWE-787: Out-of-bounds Write | 0 | 0 | 0 |
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 36 | 0 | 38 |
CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 17 | 0 | 56 |
CWE-416: Use After Free | 0 | 0 | 0 |
CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) | 0 | 2 | 0 |
CWE-20: Improper Input Validation | 17 | 0 | 0 |
CWE-125: Out-of-bounds Read | 0 | 0 | 0 |
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) | 1 | 27 | 45 |
CWE-352: Cross-Site Request Forgery (CSRF) | 0 | 65 | 0 |
CWE-434: Unrestricted Upload of File with Dangerous Type | 12 | 0 | 0 |
CWE-862: Missing Authorization | 2 | 40 | 4 |
CWE-476: NULL Pointer Dereference | 0 | 0 | 0 |
CWE-287: Improper Authentication | 70 | 0 | 0 |
CWE-190: Integer Overflow or Wraparound | 0 | 0 | 0 |
CWE-502: Deserialization of Untrusted Data | 0 | 0 | 0 |
CWE-77: Improper Neutralization of Special Elements used in a Command (‘Command Injection’) | 13 | 0 | 0 |
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer | 1 | 18 | 1 |
CWE-798: Use of Hard-coded Credentials | 74 | 0 | 0 |
CWE-918: Server-Side Request Forgery (SSRF) | 4 | 2 | 0 |
CWE-306: Missing Authentication for Critical Function | 34 | 0 | 0 |
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’) | 11 | 0 | 0 |
CWE-269: Improper Privilege Management | 2 | 0 | 0 |
CWE-94: Improper Control of Generation of Code (‘Code Injection’) | 4 | 3 | 0 |
CWE-863: Incorrect Authorization | 0 | 0 | 0 |
CWE-276: Incorrect Default Permissions | 0 | 0 | 0 |