Kategoria: CWE

CWE-200

CWE-200 An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

CWE-20

CWE-20

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

CWE-264

CWE-264 Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

CWE-119

CWE-119

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.