CWE Top 25 Most Dangerous Software Weaknesses
GPTKB entity
Statements (55)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:software_security_list |
| gptkbp:annualEvent | true |
| gptkbp:basedOn | gptkb:Common_Weakness_Enumeration |
| gptkbp:contains | CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition); CWE-125: Out-of-bounds Read; CWE-190: Integer Overflow or Wraparound; CWE-201: Information Exposure through Sent Data; CWE-204: Response Discrepancy Information Exposure; CWE-20: Improper Input Validation; CWE-22: Path Traversal; CWE-269: Improper Privilege Management; CWE-276: Incorrect Default Permissions; CWE-287: Improper Authentication; CWE-352: Cross-Site Request Forgery (CSRF); CWE-362: Race Condition; CWE-400: Uncontrolled Resource Consumption; CWE-416: Use After Free; CWE-476: NULL Pointer Dereference; CWE-502: Deserialization of Untrusted Data; CWE-522: Insufficiently Protected Credentials; CWE-77: Command Injection; CWE-787: Out-of-bounds Write; CWE-78: OS Command Injection; CWE-798: Use of Hard-coded Credentials; CWE-79: Cross-site Scripting (XSS); CWE-862: Missing Authorization; CWE-89: SQL Injection; CWE-918: Server-Side Request Forgery (SSRF); CWE-94: Code Injection; CWE-306: Missing Authentication for Critical Function; CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-434: Unrestricted Upload of File with Dangerous Type; CWE-200: Exposure of Sensitive Information to an Unauthorized Actor; CWE-732: Incorrect Permission Assignment for Critical Resource; CWE-611: Improper Restriction of XML External Entity Reference (XXE); CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) |
| gptkbp:firstPublished | 2010 |
| gptkbp:focusesOn | software vulnerabilities |
| gptkbp:publishedBy | gptkb:MITRE_Corporation |
| gptkbp:usedBy | software developers; security professionals; penetration testers |
| gptkbp:bfsParent | gptkb:CWE-119; gptkb:CWE-306; gptkb:CWE-20; gptkb:CWE-502; gptkb:CWE-200_(Information_Exposure); gptkb:CWE-400_(Uncontrolled_Resource_Consumption); gptkb:CWE-732_(Incorrect_Permission_Assignment_for_Critical_Resource); gptkb:CWE-798_(Use_of_Hard-coded_Credentials); gptkb:CWE-611; gptkb:CWE-798; gptkb:CWE-862 |
| gptkbp:bfsLayer | 8 |
| https://www.w3.org/2000/01/rdf-schema#label | CWE Top 25 Most Dangerous Software Weaknesses |