Incomplete Cleanup
| |
HTTP Request Smuggling
| |
Incomplete Cleanup
| |
Incomplete Cleanup
| |
Improper Input Validation
| |
Open Redirect
| |
Information Exposure
| |
Off-by-one Error
| |
Information Exposure
| |
Allocation of Resources Without Limits or Throttling
| |
Arbitrary Code Injection
| |
Memory Leak
| |
HTTP Request Smuggling
| |
Incomplete Documentation of Program Execution
| |
Time-of-check Time-of-use (TOCTOU)
| |
Improper Access Control
| |
Improper Access Control
| |
Loop with Unreachable Exit Condition ('Infinite Loop')
| |
Information Exposure
| |
Improper Input Validation
| |
Insufficient Verification of Data Authenticity
| |
Improper Input Validation
| |
Incorrect Privilege Assignment
| |
Exposure of Resource to Wrong Sphere
| |
Error Handling
| |
HTTP Request Smuggling
| |
Files or Directories Accessible to External Parties
| |
Authentication Bypass
| |
Improper Authentication
| |
Cross-site Request Forgery (CSRF)
| |
Allocation of Resources Without Limits or Throttling
| |
Improper Input Validation
| |
Improper Authentication
| |
Directory Traversal
| |
Improper Access Control
| |
Improper Input Validation
| |
CVE-2015-5346
| |
Improper Access Control
| |
Improper Access Control
| |
Resource Exhaustion
| |
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
| |
XML External Entity (XXE) Injection
| |
Integer Overflow or Wraparound
| |
Improper Input Validation
| |
Improper Input Validation
| |
CVE-2014-0186
| |
Improper Input Validation
| |
HTTP Request Smuggling
| |
Improper Input Validation
| |
Improper Access Control
| |
Resource Injection
| |
Information Exposure
| |
Improper Access Control
| |
Security Features
| |
Information Exposure
| |
Deserialization of Untrusted Data
| |
Security Features
| |
Deserialization of Untrusted Data
| |
Access Restriction Bypass
| |
Improper Authorization
| |
Resource Exhaustion
| |
Session Fixation
| |
Cross-site Scripting (XSS)
| |