Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:2010 Top 25 - Weaknesses On the Cusp
Category ID:808
Vulnerability Mapping:Prohibited
Status:Obsolete
DetailsContent HistoryObserved CVE ExamplesReports
▼Summary

Weaknesses in this category are not part of the general Top 25, but they were part of the original nominee list from which the Top 25 was drawn.

▼Membership
NatureMappingTypeIDName
MemberOfProhibitedV800Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
HasMemberAllowedB134Use of Externally-Controlled Format String
HasMemberAllowedB212Improper Removal of Sensitive Information Before Storage or Transfer
HasMemberAllowedB307Improper Restriction of Excessive Authentication Attempts
HasMemberDiscouragedC330Use of Insufficiently Random Values
HasMemberAllowedV416Use After Free
HasMemberAllowed-with-ReviewB426Untrusted Search Path
HasMemberAllowedB454External Initialization of Trusted Variables or Data Stores
HasMemberAllowedV456Missing Initialization of a Variable
HasMemberAllowedB476NULL Pointer Dereference
HasMemberAllowedB59Improper Link Resolution Before File Access ('Link Following')
HasMemberAllowed-with-ReviewC672Operation on a Resource after Expiration or Release
HasMemberAllowedB681Incorrect Conversion between Numeric Types
HasMemberAllowedB749Exposed Dangerous Method or Function
HasMemberAllowedB772Missing Release of Resource after Effective Lifetime
HasMemberAllowed-with-ReviewC799Improper Control of Interaction Frequency
HasMemberAllowedB804Guessable CAPTCHA
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 800
Name: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 134
Name: Use of Externally-Controlled Format String
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 212
Name: Improper Removal of Sensitive Information Before Storage or Transfer
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 307
Name: Improper Restriction of Excessive Authentication Attempts
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 330
Name: Use of Insufficiently Random Values
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 416
Name: Use After Free
Nature: HasMember
Mapping: Allowed-with-Review
Type: Base
ID: 426
Name: Untrusted Search Path
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 454
Name: External Initialization of Trusted Variables or Data Stores
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 456
Name: Missing Initialization of a Variable
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 476
Name: NULL Pointer Dereference
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 59
Name: Improper Link Resolution Before File Access ('Link Following')
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 672
Name: Operation on a Resource after Expiration or Release
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 681
Name: Incorrect Conversion between Numeric Types
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 749
Name: Exposed Dangerous Method or Function
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 772
Name: Missing Release of Resource after Effective Lifetime
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 799
Name: Improper Control of Interaction Frequency
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 804
Name: Guessable CAPTCHA
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼Notes
▼Taxonomy Mappings
Taxonomy NameEntry IDFitEntry Name
▼References
Reference ID: REF-732
Title: 2010 CWE/SANS Top 25 Most Dangerous Software Errors
Version: v4.15
Author:
Publication:
Publisher:
Edition:
URL:http://cwe.mitre.org/top25/archive/2010/2010_cwe_sans_top25.html
URL Date:
Day:04
Month:02
Year:2010
Details not found