From 2008 to 2016, NIST utilized CWE nodes in this perspective to classify vulnerabilities. Projects have adopted this initial version widely.

CWE-16: Common Vulnerabilities in Software Configuration

CWE-20: Improper Input Validation

CWE-22: Data Details

CWE-59: Link Following

CWE-78: OS Command Injection

CWE-79: Weaknesses Originally Used by NVD from 2008 to 2016

CWE-89: SQL Injection

CWE-94: Code Injection Vulnerabilities Prevention

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-134: Format String Vulnerability

CWE-189: Numerical Computation or Conversion Deficiencies

CWE-200: Loss of Confidentiality

CWE-255: Authorization Administration Weaknesses

CWE-264: Handling of Permissions and Access Control Weaknesses

CWE-287: Authentication Issues

CWE-310: Data Confidentiality and Integrity Safeguarding Deficiencies

CWE-352: Cross-Site Request Forgery (CSRF)

CWE-362: Synchronization Primitive Misuse in Architecture and Design

CWE-399: Inadequate Handling of System Resources

Learn about CWE 635, an issue with improper pathname restriction leading to restricted directory traversal. Understand NIST's usage and related projects.

Prevent Path Traversal Vulnerabilities - CWE 635

CWE-635: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Weaknesses

Views

Total

CWE-635: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Objective

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CWE-635: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Objective

Is your System Free of Underlying Vulnerabilities? Find Out Now

Is your System Free of Underlying Vulnerabilities?
Find Out Now