Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-1057 The software uses a dedicated, central data manager component as required by design, but it contains code that performs data-access operations that do not use this data manager.
CWE-1058 The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member data element.
CWE-1059 The documentation, whether on paper or in electronic form, does not contain descriptions of all the relevant elements of the product, such as its usage, structure, interfaces, design, implementation, configuration, operation, etc.
CWE-106 When an application does not use an input validation framework such as the Struts Validator, there is a greater risk of introducing weaknesses related to insufficient input validation.
CWE-1060 The software performs too many data queries without using efficient data processing functionality such as stored procedures.
CWE-1061 The software does not sufficiently hide the internal representation and implementation details of data or methods, which might allow external components or modules to modify data unexpectedly, invoke unexpected functionality, or introduce dependencies that the programmer did not intend.
CWE-1062 The code has a parent class that contains references to a child class, its methods, or its members.
CWE-1063 A static code block creates an instance of a class.
CWE-1064 The software contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments.
CWE-1065 The application uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server.