Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE VIEW:Weaknesses in the 2020 CWE Top 25 Most Dangerous Software Weaknesses
ID:1350
Vulnerability Mapping:Prohibited
Type:Graph
Status:Stable
DetailsContent HistoryObserved CVE ExamplesReports
▼Objective

CWE entries in this view are listed in the 2020 CWE Top 25 Most Dangerous Software Weaknesses.

▼Memberships
NatureMappingTypeIDName
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:View
Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comments:

Use this View or other Views to search and navigate for the appropriate weakness.

▼Notes
▼Audience
StakeholderDescription
Software Developers

By following the CWE Top 25, developers are able to significantly reduce the number of weaknesses that occur in their software.

Product Customers

Customers can use the weaknesses in this view in order to formulate independent evidence of a claim by a product vendor to have eliminated / mitigated the most dangerous weaknesses.

Educators

Educators can use this view to focus curriculum and teachings on the most dangerous weaknesses.

Stakeholder: Software Developers
Description:

By following the CWE Top 25, developers are able to significantly reduce the number of weaknesses that occur in their software.

Stakeholder: Product Customers
Description:

Customers can use the weaknesses in this view in order to formulate independent evidence of a claim by a product vendor to have eliminated / mitigated the most dangerous weaknesses.

Stakeholder: Educators
Description:

Educators can use this view to focus curriculum and teachings on the most dangerous weaknesses.

▼References
Reference ID: REF-1132
Title: 2020 CWE Top 25 Most Dangerous Software Weaknesses
Version: v4.15
Author:
Publication:
Publisher:
Edition:
URL:http://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html
URL Date:
Day:20
Month:08
Year:2020
Expand AllCollapse All
1350 - Weaknesses in the 2020 CWE Top 25 Most Dangerous Software Weaknesses
BImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (89)
CImproper Restriction of Operations within the Bounds of a Memory Buffer (119)
BOut-of-bounds Read (125)
BInteger Overflow or Wraparound (190)
CImproper Input Validation (20)
CExposure of Sensitive Information to an Unauthorized Actor (200)
BImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (22)
CImproper Privilege Management (269)
CImproper Authentication (287)
BMissing Authentication for Critical Function (306)
CCross-Site Request Forgery (CSRF) (352)
CUncontrolled Resource Consumption (400)
VUse After Free (416)
BUnrestricted Upload of File with Dangerous Type (434)
BNULL Pointer Dereference (476)
BDeserialization of Untrusted Data (502)
CInsufficiently Protected Credentials (522)
BImproper Restriction of XML External Entity Reference (611)
CIncorrect Permission Assignment for Critical Resource (732)
BImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (78)
BOut-of-bounds Write (787)
BImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (79)
BUse of Hard-coded Credentials (798)
CMissing Authorization (862)
BImproper Control of Generation of Code ('Code Injection') (94)
Details not found