Sensitive Cookie Without 'HttpOnly' Flag
Insufficient Visual Distinction of Homoglyphs Presented to User
Struts: Duplicate Validation Forms
Improper Restriction of Rendered UI Layers or Frames
Use of Web Link to Untrusted Target with window.opener Access
Incomplete Comparison with Missing Factors
Comparison of Incompatible Types
Comparison Using Wrong Factors
Struts: Incomplete validate() Method Definition
Processor Optimization Removal or Modification of Security-critical Code
Insecure Automated Optimizations
Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations
Struts: Form Bean Does Not Extend Validation Class
Use of Redundant Code
Static Member Data Element outside of a Singleton Class Element
Data Element Aggregating an Excessively Large Number of Non-Primitive Elements
Architecture with Number of Horizontal Layers Outside of Expected Range
Parent Class with a Virtual Destructor and a Child Class without a Virtual Destructor
Creation of Immutable Text Using String Concatenation
Modules with Circular Dependencies
Invokable Control Element with Large Number of Outward Calls
Excessive Data Query Operations in a Large Data Table
Struts: Form Field Without Validator
Excessive Platform Resource Consumption within a Loop
Initialization with Hard-Coded Network Resource Configuration Data
Excessive Use of Hard-Coded Literals in Initialization
Missing Documentation for Design
Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Multiple Inheritance from Concrete Classes
Invokable Control Element with Variadic Parameters
Data Access Operations Outside of Expected Data Manager Component
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Insufficient Technical Documentation
Struts: Plug-in Framework not in Use
Excessive Number of Inefficient Server-Side Data Accesses
Insufficient Encapsulation
Parent Class with References to Child Class
Creation of Class Instance within a Static Code Block
Invokable Control Element with Signature Containing an Excessive Number of Parameters
Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Missing Serialization Control Element
Excessive Execution of Sequential Searches of Data Resource
Inconsistency Between Implementation and Documented Design
Empty Exception Block
Struts: Unused Validation Form
Serializable Data Element Containing non-Serializable Item Elements
Empty Code Block
Data Resource Access without Use of Connection Pooling
Non-SQL Invokable Control Element with Excessive Number of Data Resource Accesses
Class with Excessively Deep Inheritance
Unconditional Control Flow Transfer outside of Switch Block
Insufficient Adherence to Expected Conventions
Floating Point Comparison with Incorrect Operator
Inappropriate Source Code Style or Formatting
Parent Class without Virtual Destructor Method
Struts: Unvalidated Action Form
Source Code File with Excessive Number of Lines of Code
Class Instance Self Destruction Control Element
Data Access from Outside Expected Data Manager Component
Invokable Control Element with Excessive File or Data Access Operations
Invokable Control Element with Excessive Volume of Commented-out Code
Class with Excessive Number of Child Classes
Class with Virtual Method without a Virtual Destructor
Synchronous Access of Remote Resource without Timeout
Large Data Table with Excessive Number of Indices
Struts: Validator Turned Off
Method Containing Access of a Member Element from Another Class
Use of Object without Invoking Destructor Method
Use of Same Invokable Control Element in Multiple Architectural Layers
Excessively Complex Data Representation
Excessive Index Range Scan for a Data Resource
Loop Condition Value Update within the Loop
Singleton Class Instance Creation without Proper Locking or Synchronization
Persistent Storable Data Element without Associated Comparison Control Element
Data Element containing Pointer Item without Proper Copy Control Element
Inconsistent Naming Conventions for Identifiers
ASP.NET Misconfiguration: Creating Debug Binary
Struts: Validator Without Form Field
Insufficient Isolation of System-Dependent Functions
Reliance on Runtime Component in Generated Code
Reliance on Machine-Dependent Data Representation
Use of Platform-Dependent Third Party Components
Use of Unmaintained Third Party Components
Insufficient Encapsulation of Machine-Dependent Functionality
Insufficient Use of Symbolic Constants
Insufficient Isolation of Symbolic Constant Definitions
Excessive Reliance on Global Variables
Use of Same Variable for Multiple Purposes
Direct Use of Unsafe JNI
Incomplete Design Documentation
Incomplete I/O Documentation
Incomplete Documentation of Program Execution
Inappropriate Comment Style
Inappropriate Whitespace Style
Source Code Element without Standard Prologue
Inaccurate Comments
Callable with Insufficient Behavioral Summary
Insufficient Documentation of Error Handling Techniques
Excessive Use of Unconditional Branching
Missing XML Validation
Excessive Code Complexity
Excessive McCabe Cyclomatic Complexity
Excessive Halstead Complexity
Excessive Use of Self-Modifying Code
Excessively Deep Nesting
Excessive Attack Surface
Declaration of Variable with Unnecessarily Wide Scope
Compilation with Insufficient Warnings or Errors
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
Process Control
Misinterpretation of Input
Improper Encoding or Escaping of Output
Irrelevant Code
Improper Output Neutralization for Logs
Improper Use of Validation Framework
ASP.NET Misconfiguration: Improper Model Validation
Inefficient CPU Computation
Use of Prohibited Code
Incorrect Access of Indexable Resource ('Range Error')
Initialization of a Resource with an Insecure Default
Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
Improper Restriction of Operations within the Bounds of a Memory Buffer
DMA Device Enabled Too Early in Boot Phase
On-Chip Debug and Test Interface With Improper Access Control
Improper Identifier for IP Block used in System-On-Chip (SOC)
Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
ASP.NET Misconfiguration: Missing Custom Error Page
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Generation of Weak Initialization Vector (IV)
Failure to Disable Reserved Bits
Stack-based Buffer Overflow
Heap-based Buffer Overflow
Insufficient Granularity of Access Control
Incorrect Register Defaults or Module Parameters
Insufficient Granularity of Address Regions Protected by Register Locks
Race Condition for Write-Once Attributes
Improper Restriction of Write-Once Bit Fields
Creation of Emergent Resource
Write-what-where Condition
Exposure of Sensitive Information Through Metadata
Improper Prevention of Lock Bit Modification
Improper Lock Behavior After Power State Transition
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
Hardware Internal or Debug Modes Allow Override of Locks
Incorrect Use of Autoboxing and Unboxing for Performance Critical Operations
Improper Neutralization of Formula Elements in a CSV File
Improper Zeroization of Hardware Register
Buffer Underwrite ('Buffer Underflow')
Use of a Cryptographic Primitive with a Risky Implementation
Use of Predictable Algorithm in Random Number Generator
Inclusion of Undocumented Features or Chicken Bits
Sensitive Non-Volatile Information Not Protected During Debug
Internal Asset Exposed to Unsafe Debug Access Level or State
Improper Finite State Machines (FSMs) in Hardware Logic
Improper Write Handling in Limited-write Non-Volatile Memories
Improper Protection Against Voltage and Clock Glitches
Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
Application-Level Admin Tool with Inconsistent View of Underlying Operating System
Out-of-bounds Read
Improper Preservation of Consistency Between Independent Representations of Shared State
Mirrored Regions with Different Values
CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
Incorrect Selection of Fuse Values
Incorrect Comparison Logic Granularity
Comparison Logic is Vulnerable to Power Side-Channel Attacks
Improper Restriction of Software Interfaces to Hardware Features
Improper Access Control Applied to Mirrored or Aliased Memory Regions
Exposure of Sensitive System Information Due to Uncleared Debug Information
Improper Restriction of Security Token Assignment
Buffer Over-read
Improper Handling of Overlap Between Protected Memory Ranges
Improper Handling of Single Event Upsets
Improper Access Control for Register Interface
Improper Physical Access Control
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
Unintended Reentrant Invocation of Non-reentrant Code Via Nested Calls
Improper Scrubbing of Sensitive Data from Decommissioned Device
Policy Uses Obsolete Encoding
Policy Privileges are not Assigned Consistently Between Control and Data Agents
Product Released in Non-Release Configuration
Buffer Under-read
Generation of Incorrect Security Tokens
Uninitialized Value on Reset for Registers Holding Security Settings
Sensitive Information Uncleared Before Debug/Power State Transition
Device Unlock Credential Sharing
Improper Access Control for Volatile Memory Containing Boot Code
Sensitive Cookie with Improper SameSite Attribute
Hardware Child Block Incorrectly Connected to Parent System
Firmware Not Updateable
Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
Cryptographic Operations are run Before Supporting Units are Ready
Wrap-around Error
Access Control Check Implemented After Asset is Accessed
Sequence of Processor Instructions Leads to Unexpected Behavior
Assumed-Immutable Data is Stored in Writable Memory
Mutable Attestation or Measurement Reporting Data
Improper Validation of Specified Quantity in Input
Improper Validation of Specified Index, Position, or Offset in Input
Improper Validation of Syntactic Correctness of Input
Improper Validation of Specified Type of Input
Improper Validation of Consistency within Input
Improper Validation of Unsafe Equivalence in Input
Improper Validation of Array Index
Incorrect Decoding of Security Identifiers 
Public Key Re-Use for Signing both Debug and Production Code
Incorrect Conversion of Security Identifiers
Missing Source Correlation of Multiple Independent Data
Insecure Security Identifier Mechanism
Debug Messages Revealing Unnecessary Information
Incorrect Chaining or Granularity of Debug Components
Unprotected Confidential Information on Device is Accessible by OSAT Vendors
Hardware Logic Contains Race Conditions
Missing Protection Mechanism for Alternate Hardware Interface
ASP.NET Misconfiguration: Password in Configuration File
Improper Handling of Length Parameter Inconsistency
Improper Protection of Physical Side Channels
Insufficient or Incomplete Data Removal within Hardware Component
Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)
Non-Transparent Sharing of Microarchitectural Resources
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation
Incorrect Calculation of Buffer Size
Missing Ability to Patch ROM Code
Improper Translation of Security Attributes by Fabric Bridge
Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
Hardware Allows Activation of Test or Debug Logic at Runtime
Missing Write Protection for Parametric Data Values
Improper Setting of Bus Controlling Capability in Fabric End-point
Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
Improper Access Control in Fabric Bridge
Missing Support for Security Features in On-chip Fabrics or Buses
Improper Protection against Electromagnetic Fault Injection (EM-FI)
Improper Protection for Outbound Error Messages and Alert Signals
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Use of Blocking Code in Single-threaded, Non-blocking Context
Improper Management of Sensitive Trace Data
Improperly Controlled Sequential Memory Allocation
Missing Immutable Root of Trust in Hardware
Binding to an Unrestricted IP Address
Security Version Number Mutable to Older Versions
Reliance on Component That is Not Updateable
Remanent Data Readable after Memory Erase
Improper Isolation of Shared Resources in Network On Chip (NoC)
Improper Handling of Faults that Lead to Instruction Skips
Inefficient Regular Expression Complexity
Unauthorized Error Injection Can Degrade Hardware Redundancy
Incorrect Bitwise Shift of Integer
Improper Neutralization of Special Elements Used in a Template Engine
Improper Protections Against Hardware Overheating
Insufficient Precision or Accuracy of a Real Number
Use of Externally-Controlled Format String
Multiple Releases of Same Resource or Handle
Information Exposure through Microarchitectural State after Transient Execution
Incorrect Calculation of Multi-Byte String Length
Improper Handling of Hardware Behavior in Exceptionally Cold Environments
Reliance on Insufficiently Trustworthy Component
Improper Neutralization of Special Elements
Improper Handling of Physical or Environmental Conditions
Missing Origin Validation in WebSockets
Insecure Operation on Windows Junction / Mount Point
Incorrect Parsing of Numbers with Different Radices
Weak Authentication
Use of Weak Credentials
Use of Default Credentials
Use of Default Password
Use of Default Cryptographic Key
Dependency on Vulnerable Third-Party Component
Compiler Removal of Code to Clear Buffers
Improper Neutralization of Delimiters
Improper Neutralization of Parameter/Argument Delimiters
Incorrect Initialization of Resource
Improper Neutralization of Value Delimiters
Exposure of Sensitive Information during Transient Execution
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
Improper Validation of Generative AI Output
Improper Neutralization of Record Delimiters
Improper Neutralization of Line Delimiters
Improper Neutralization of Section Delimiters
Improper Neutralization of Expression/Command Delimiters
Improper Neutralization of Input Terminators
Improper Neutralization of Input Leaders
Improper Neutralization of Quoting Syntax
External Control of System or Configuration Setting
Improper Neutralization of Escape, Meta, or Control Sequences
Improper Neutralization of Comment Delimiters
Improper Neutralization of Macro Symbols
Improper Neutralization of Substitution Characters
Improper Neutralization of Variable Name Delimiters
Improper Neutralization of Wildcards or Matching Symbols
Improper Neutralization of Whitespace
Failure to Sanitize Paired Delimiters
Improper Neutralization of Null Byte or NUL Character
Improper Handling of Invalid Use of Special Elements
Improper Neutralization of Leading Special Elements
Improper Neutralization of Multiple Leading Special Elements
Improper Neutralization of Trailing Special Elements
Improper Neutralization of Multiple Trailing Special Elements
Improper Neutralization of Internal Special Elements
Improper Neutralization of Multiple Internal Special Elements
Improper Handling of Missing Special Element
Improper Handling of Additional Special Element
Improper Handling of Inconsistent Special Elements
Improper Null Termination
Encoding Error
Improper Handling of Alternate Encoding
Double Decoding of the Same Data
Improper Handling of Mixed Encoding
Improper Handling of Unicode Encoding
Improper Handling of URL Encoding (Hex Encoding)
Improper Handling of Case Sensitivity
Incorrect Behavior Order: Early Validation
Incorrect Behavior Order: Validate Before Canonicalize
Incorrect Behavior Order: Validate Before Filter
Collapse of Data into Unsafe Value
Permissive List of Allowed Inputs
Incomplete List of Disallowed Inputs
Incorrect Regular Expression
Overly Restrictive Regular Expression
Partial String Comparison
Reliance on Data/Memory Layout
Integer Overflow or Wraparound
Integer Underflow (Wrap or Wraparound)
Integer Coercion Error
Off-by-one Error
Unexpected Sign Extension
Signed to Unsigned Conversion Error
Unsigned to Signed Conversion Error
Numeric Truncation Error
Use of Incorrect Byte Ordering
Improper Input Validation
Exposure of Sensitive Information to an Unauthorized Actor
Insertion of Sensitive Information Into Sent Data
Exposure of Sensitive Information Through Data Queries
Observable Discrepancy
Observable Response Discrepancy
Observable Behavioral Discrepancy
Observable Internal Behavioral Discrepancy
Observable Behavioral Discrepancy With Equivalent Products
Observable Timing Discrepancy
Generation of Error Message Containing Sensitive Information
Self-generated Error Message Containing Sensitive Information
Externally-Generated Error Message Containing Sensitive Information
Improper Removal of Sensitive Information Before Storage or Transfer
Exposure of Sensitive Information Due to Incompatible Policies
Invocation of Process Using Visible Sensitive Information
Insertion of Sensitive Information Into Debugging Code
Storage of File with Sensitive Data Under Web Root
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Storage of File With Sensitive Data Under FTP Root
Information Loss or Omission
Truncation of Security-relevant Information
Omission of Security-relevant Information
Obscured Security-relevant Information by Alternate Name
Sensitive Information in Resource Not Removed Before Reuse
Improper Handling of Syntactically Invalid Structure
Improper Handling of Values
Relative Path Traversal
Improper Handling of Missing Values
Improper Handling of Extra Values
Improper Handling of Undefined Values
Improper Handling of Parameters
Failure to Handle Missing Parameter
Improper Handling of Extra Parameters
Improper Handling of Undefined Parameters
Improper Handling of Structural Elements
Improper Handling of Incomplete Structural Elements
Failure to Handle Incomplete Element
Path Traversal: '../filedir'
Improper Handling of Inconsistent Structural Elements
Improper Handling of Unexpected Data Type
Use of Inherently Dangerous Function
Creation of chroot Jail Without Changing Working Directory
Improper Clearing of Heap Memory Before Release ('Heap Inspection')
J2EE Bad Practices: Direct Management of Connections
J2EE Bad Practices: Direct Use of Sockets
Uncaught Exception
Path Traversal: '/../filedir'
Execution with Unnecessary Privileges
Unchecked Return Value
Incorrect Check of Function Return Value
Plaintext Storage of a Password
Storing Passwords in a Recoverable Format
Empty Password in Configuration File
Use of Hard-coded Password
Path Traversal: '/dir/../filename'
Password in Configuration File
Weak Encoding for Password
Not Using Password Aging
Password Aging with Long Expiration
Incorrect Privilege Assignment
Privilege Defined With Unsafe Actions
Privilege Chaining
Improper Privilege Management
Path Traversal: 'dir/../../filename'
Privilege Context Switching Error
Privilege Dropping / Lowering Errors
Least Privilege Violation
Improper Check for Dropped Privileges
Improper Handling of Insufficient Privileges
Incorrect Default Permissions
Insecure Inherited Permissions
Insecure Preserved Inherited Permissions
Incorrect Execution-Assigned Permissions
Path Traversal: '..\filedir'
Improper Handling of Insufficient Permissions or Privileges 
Improper Preservation of Permissions
Improper Ownership Management
Unverified Ownership
Improper Access Control
Improper Authorization
Incorrect User Management
Improper Authentication
Authentication Bypass Using an Alternate Path or Channel
Authentication Bypass by Alternate Name
Path Traversal: '\..\filename'
Authentication Bypass by Spoofing
Reliance on IP Address for Authentication
Using Referer Field for Authentication
Authentication Bypass by Capture-replay
Improper Certificate Validation
Improper Following of a Certificate's Chain of Trust
Improper Validation of Certificate with Host Mismatch
Improper Validation of Certificate Expiration
Improper Check for Certificate Revocation
Path Traversal: '\dir\..\filename'
Channel Accessible by Non-Endpoint
Reflection Attack in an Authentication Protocol
Authentication Bypass by Assumed-Immutable Data
Incorrect Implementation of Authentication Algorithm
Missing Critical Step in Authentication
Authentication Bypass by Primary Weakness
Missing Authentication for Critical Function
Improper Restriction of Excessive Authentication Attempts
Use of Single-factor Authentication
Use of Password System for Primary Authentication
Path Traversal: 'dir\..\..\filename'
Missing Encryption of Sensitive Data
Cleartext Storage of Sensitive Information
Cleartext Storage in a File or on Disk
Cleartext Storage in the Registry
Cleartext Storage of Sensitive Information in a Cookie
Cleartext Storage of Sensitive Information in Memory
Cleartext Storage of Sensitive Information in GUI
Cleartext Storage of Sensitive Information in Executable
Cleartext Transmission of Sensitive Information
Path Traversal: '...' (Triple Dot)
Use of Hard-coded Cryptographic Key
Key Exchange without Entity Authentication
Reusing a Nonce, Key Pair in Encryption
Use of a Key Past its Expiration Date
Missing Cryptographic Step
Inadequate Encryption Strength
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
Generation of Predictable IV with CBC Mode
Path Traversal: '....' (Multiple Dot)
Use of Insufficiently Random Values
Insufficient Entropy
Insufficient Entropy in PRNG
Improper Handling of Insufficient Entropy in TRNG
Small Space of Random Values
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
Same Seed in Pseudo-Random Number Generator (PRNG)
Predictable Seed in Pseudo-Random Number Generator (PRNG)
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Small Seed Space in PRNG
Path Traversal: '....//'
Generation of Predictable Numbers or Identifiers
Predictable from Observable State
Predictable Exact Value from Previous Values
Predictable Value Range from Previous Values
Use of Invariant Value in Dynamically Changing Context
Insufficient Verification of Data Authenticity
Origin Validation Error
Improper Verification of Cryptographic Signature
Use of Less Trusted Source
Acceptance of Extraneous Untrusted Data With Trusted Data
Path Traversal: '.../...//'
Reliance on Reverse DNS Resolution for a Security-Critical Action
Insufficient Type Distinction
Cross-Site Request Forgery (CSRF)
Missing Support for Integrity Check
Improper Validation of Integrity Check Value
Product UI does not Warn User of Unsafe Actions
Insufficient UI Warning of Dangerous Operations
Improperly Implemented Security Check for Standard
Exposure of Private Personal Information to an Unauthorized Actor
Absolute Path Traversal
Trust of System Event Data
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Race Condition Enabling Link Following
Signal Handler Race Condition
Race Condition within a Thread
Time-of-check Time-of-use (TOCTOU) Race Condition
Context Switching Race Condition
Divide By Zero
Path Traversal: '/absolute/pathname/here'
Missing Check for Certificate Revocation after Initial Check
Incomplete Internal State Distinction
Passing Mutable Objects to an Untrusted Method
Returning a Mutable Object to an Untrusted Caller
Insecure Temporary File
Creation of Temporary File With Insecure Permissions
Creation of Temporary File in Directory with Insecure Permissions
Path Traversal: '\absolute\pathname\here'
J2EE Bad Practices: Use of System.exit()
J2EE Bad Practices: Direct Use of Threads
Session Fixation
Covert Timing Channel
Symbolic Name not Mapping to Correct Object
Path Traversal: 'C:dirname'
Detection of Error Condition Without Action
Unchecked Error Condition
Missing Report of Error Condition
Return of Wrong Status Code
Unexpected Status Code or Return Value
Use of NullPointerException Catch to Detect NULL Pointer Dereference
Declaration of Catch for Generic Exception
Declaration of Throws for Generic Exception
Path Traversal: '\\UNC\share\name\' (Windows UNC Share)
Uncontrolled Resource Consumption
Missing Release of Memory after Effective Lifetime
Transmission of Private Resources into a New Sphere ('Resource Leak')
Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Improper Resource Shutdown or Release
Asymmetric Resource Consumption (Amplification)
Insufficient Control of Network Message Volume (Network Amplification)
Inefficient Algorithmic Complexity
Incorrect Behavior Order: Early Amplification
Improper Handling of Highly Compressed Data (Data Amplification)
Improper Resolution of Path Equivalence
Insufficient Resource Pool
Unrestricted Externally Accessible Lock
Improper Resource Locking
Missing Lock Check
Double Free
Use After Free
Unprotected Primary Channel
Path Equivalence: 'filename.' (Trailing Dot)
Unprotected Alternate Channel
Race Condition During Access to Alternate Channel
Unprotected Windows Messaging Channel ('Shatter')
Improper Protection of Alternate Path
Direct Request ('Forced Browsing')
Untrusted Search Path
Uncontrolled Search Path Element
Unquoted Search Path or Element
Path Equivalence: 'filename....' (Multiple Trailing Dot)
Deployment of Wrong Handler
Missing Handler
Dangerous Signal Handler not Disabled During Sensitive Operations
Unparsed Raw Web Content Delivery
Unrestricted Upload of File with Dangerous Type
Improper Interaction Between Multiple Correctly-Behaving Entities
Interpretation Conflict
Incomplete Model of Endpoint Features
Behavioral Change in New Version or Environment
Path Equivalence: 'file.name' (Internal Dot)
Expected Behavior Violation
Unintended Proxy or Intermediary ('Confused Deputy')
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
UI Discrepancy for Security Feature
Unimplemented or Unsupported Feature in UI
Obsolete Feature in UI
The UI Performs the Wrong Action
Path Equivalence: 'file...name' (Multiple Internal Dot)
Multiple Interpretations of UI Input
User Interface (UI) Misrepresentation of Critical Information
Insecure Default Variable Initialization
External Initialization of Trusted Variables or Data Stores
Non-exit on Failed Initialization
Missing Initialization of a Variable
Use of Uninitialized Variable
Incomplete Cleanup
Path Equivalence: 'filename ' (Trailing Space)
Improper Cleanup on Thrown Exception
Duplicate Key in Associative List (Alist)
Deletion of Data Structure Sentinel
Addition of Data Structure Sentinel
Return of Pointer Value Outside of Expected Range
Use of sizeof() on a Pointer Type
Incorrect Pointer Scaling
Use of Pointer Subtraction to Determine Size
Path Equivalence: ' filename' (Leading Space)
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Modification of Assumed-Immutable Data (MAID)
External Control of Assumed-Immutable Web Parameter
PHP External Variable Modification
Use of Function with Inconsistent Implementations
Undefined Behavior for Input to API
NULL Pointer Dereference
Use of Obsolete Function
Missing Default Case in Multiple Condition Expression
Signal Handler Use of a Non-reentrant Function
Path Equivalence: 'file name' (Internal Whitespace)
Use of Incorrect Operator
Assigning instead of Comparing
Comparing instead of Assigning
Incorrect Block Delimitation
Omitted Break Statement in Switch
Comparison of Classes by Name
Reliance on Package-level Scope
Exposure of Data Element to Wrong Session
Active Debug Code
Path Equivalence: 'filename/' (Trailing Slash)
Public cloneable() Method Without Final ('Object Hijack')
Use of Inner Class Containing Sensitive Data
Critical Public Variable Without Final Modifier
Download of Code Without Integrity Check
Private Data Structure Returned From A Public Method
Public Data Assigned to Private Array-Typed Field
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Cloneable Class Containing Sensitive Information
Serializable Class Containing Sensitive Data
J2EE Misconfiguration: Data Transmission Without Encryption
Path Equivalence: '//multiple/leading/slash'
Public Static Field Not Marked Final
Trust Boundary Violation
Deserialization of Untrusted Data
Embedded Malicious Code
Trojan Horse
Non-Replicating Malicious Code
Replicating Malicious Code (Virus or Worm)
Path Equivalence: '/multiple//internal/slash'
Trapdoor
Logic/Time Bomb
Spyware
Covert Channel
Covert Storage Channel
Path Equivalence: '/multiple/trailing/slash//'
.NET Misconfiguration: Use of Impersonation
Weak Password Requirements
Insufficiently Protected Credentials
Unprotected Transport of Credentials
Use of Cache Containing Sensitive Information
Use of Web Browser Cache Containing Sensitive Information
Cleartext Storage of Sensitive Information in an Environment Variable
Exposure of Version-Control Repository to an Unauthorized Control Sphere
Exposure of Core Dump File to an Unauthorized Control Sphere
Exposure of Access Control List Files to an Unauthorized Control Sphere
Path Equivalence: '\multiple\\internal\backslash'
Exposure of Backup File to an Unauthorized Control Sphere
Inclusion of Sensitive Information in Test Code
Insertion of Sensitive Information into Log File
Exposure of Information Through Shell Error Message
Servlet Runtime Error Message Containing Sensitive Information
Java Runtime Error Message Containing Sensitive Information
Insertion of Sensitive Information into Externally-Accessible File or Directory
Use of Persistent Cookies Containing Sensitive Information
Path Equivalence: 'filedir\' (Trailing Backslash)
Inclusion of Sensitive Information in Source Code
Inclusion of Sensitive Information in an Include File
Use of Singleton Pattern Without Synchronization in a Multithreaded Context
Missing Standardized Error Handling Mechanism
Suspicious Comment
Use of Hard-coded, Security-relevant Constants
Exposure of Information Through Directory Listing
Missing Password Field Masking
Path Equivalence: '/./' (Single Dot Directory)
Server-generated Error Message Containing Sensitive Information
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
Files or Directories Accessible to External Parties
Command Shell in Externally Accessible Directory
ASP.NET Misconfiguration: Not Using Input Validation Framework
J2EE Misconfiguration: Plaintext Password in Configuration File
ASP.NET Misconfiguration: Use of Identity Impersonation
Use of getlogin() in Multithreaded Application
Path Equivalence: 'filedir*' (Wildcard)
Use of umask() with chmod-style Argument
Dead Code
Return of Stack Variable Address
Assignment to Variable without Use
SQL Injection: Hibernate
Reliance on Cookies without Validation and Integrity Checking
Authorization Bypass Through User-Controlled SQL Primary Key
Unsynchronized Access to Shared Data in a Multithreaded Context
finalize() Method Without super.finalize()
Path Equivalence: 'fakedir/../realdir/filename'
Expression is Always False
Expression is Always True
Call to Thread run() instead of start()
Improper Following of Specification by Caller
EJB Bad Practices: Use of Synchronization Primitives
EJB Bad Practices: Use of AWT Swing
EJB Bad Practices: Use of Java I/O
EJB Bad Practices: Use of Sockets
EJB Bad Practices: Use of Class Loader
J2EE Bad Practices: Non-serializable Object Stored in Session
Path Equivalence: Windows 8.3 Filename
clone() Method Without super.clone()
Object Model Violation: Just One of Equals and Hashcode Defined
Array Declared Public, Final, and Static
finalize() Method Declared Public
Return Inside Finally Block
Empty Synchronized Block
Explicit Call to Finalize()
Assignment of a Fixed Address to a Pointer
Attempt to Access Child of a Non-structure Pointer
Call to Non-ubiquitous API
Improper Link Resolution Before File Access ('Link Following')
Free of Memory not on the Heap
Sensitive Data Storage in Improperly Locked Memory
Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
J2EE Framework: Saving Unserializable Objects to Disk
Comparison of Object References Instead of Object Contents
Use of Wrong Operator in String Comparison
Use of GET Request Method With Sensitive Query Strings
Missing Validation of OpenSSL Certificate
J2EE Misconfiguration: Insufficient Session-ID Length
Uncaught Exception in Servlet 
URL Redirection to Untrusted Site ('Open Redirect')
Client-Side Enforcement of Server-Side Security
Use of Client-Side Authentication
Multiple Binds to the Same Port
Unchecked Input for Loop Condition
Public Static Final Field References Mutable Object
Struts: Non-private Field in ActionForm Class
Double-Checked Locking
UNIX Symbolic Link (Symlink) Following
Externally Controlled Reference to a Resource in Another Sphere
Improper Restriction of XML External Entity Reference
Improper Authorization of Index Containing Sensitive Information
Insufficient Session Expiration
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Inclusion of Sensitive Information in Source Code Comments
Incomplete Identification of Uploaded File Variables (PHP)
Reachable Assertion
Exposed Unsafe ActiveX Method
Dangling Database Cursor ('Cursor Injection')
UNIX Hard Link
Unverified Password Change
Variable Extraction Error
Improper Validation of Function Hook Arguments
Unsafe ActiveX Control Marked Safe For Scripting
Executable Regular Expression Error
Permissive Regular Expression
Null Byte Interaction Error (Poison Null Byte)
Dynamic Variable Evaluation
Function Call with Incorrectly Specified Arguments
Not Failing Securely ('Failing Open')
Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism')
Not Using Complete Mediation
Authorization Bypass Through User-Controlled Key
Windows Shortcut Following (.LNK)
Weak Password Recovery Mechanism for Forgotten Password
Improper Restriction of Names for Files and Other Resources
External Control of Critical State Data
Improper Neutralization of Data within XPath Expressions ('XPath Injection')
Improper Neutralization of HTTP Headers for Scripting Syntax
Overly Restrictive Account Lockout Mechanism
Reliance on File Name or Extension of Externally-Supplied File
Use of Non-Canonical URL Paths for Authorization Decisions
Incorrect Use of Privileged APIs
Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
Windows Hard Link
Trusting HTTP Permission Methods on the Server Side
Exposure of WSDL File Containing Sensitive Information
Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')
Improper Isolation or Compartmentalization
Reliance on a Single Factor in a Security Decision
Insufficient Psychological Acceptability
Reliance on Security Through Obscurity
Violation of Secure Design Principles
Improper Handling of File Names that Identify Virtual Resources
Improper Synchronization
Use of a Non-reentrant Function in a Concurrent Context
Improper Control of a Resource Through its Lifetime
Improper Initialization
Operation on Resource in Wrong Phase of Lifetime
Improper Locking
Exposure of Resource to Wrong Sphere
Incorrect Resource Transfer Between Spheres
Improper Handling of Windows Device Names
Always-Incorrect Control Flow Implementation
Lack of Administrator Control over Security
Operation on a Resource after Expiration or Release
External Influence of Sphere Definition
Uncontrolled Recursion
Multiple Operations on Resource in Single-Operation Context
Use of Potentially Dangerous Function
Integer Overflow to Buffer Overflow
Incorrect Conversion between Numeric Types
Incorrect Calculation
Function Call With Incorrect Order of Arguments
Incorrect Provision of Specified Functionality
Function Call With Incorrect Number of Arguments
Function Call With Incorrect Argument Type
Function Call With Incorrectly Specified Argument Value
Function Call With Incorrect Variable or Reference as Argument
Permission Race Condition During Resource Copy
Improper Handling of Windows ::DATA Alternate Data Stream
Unchecked Return Value to NULL Pointer Dereference
Insufficient Control Flow Management
Incomplete Denylist to Cross-Site Scripting
Protection Mechanism Failure
Use of Multiple Resources with Duplicate Identifier
Use of Low-Level Functionality
Incorrect Behavior Order
Incorrect Comparison
Execution After Redirect (EAR)
J2EE Misconfiguration: Missing Custom Error Page
Improper Check or Handling of Exceptional Conditions
Incorrect Type Conversion or Cast
Incorrect Control Flow Scoping
Use of Incorrectly-Resolved Name or Reference
Improper Neutralization
Incorrect Ownership Assignment
Improper Adherence to Coding Standards
Improper Handling of Apple HFS+ Alternate Data Stream Path
External Control of File Name or Path
Incorrect Permission Assignment for Critical Resource
Compiler Optimization Removal or Modification of Security-critical Code
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Exposed Dangerous Method or Function
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Improper Check for Unusual or Exceptional Conditions
Improper Handling of Exceptional Conditions
Missing Custom Error Page
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Use of a One-Way Hash without a Salt
Improper Neutralization of Equivalent Special Elements
Use of a One-Way Hash with a Predictable Salt
Free of Pointer not at Start of Buffer
Mismatched Memory Management Routines
Release of Invalid Pointer or Reference
Multiple Locks of a Critical Resource
Multiple Unlocks of a Critical Resource
Critical Data Element Declared Public
Access to Critical Private Variable via Public Method
Incorrect Short Circuit Evaluation
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Allocation of Resources Without Limits or Throttling
Missing Reference to Active Allocated Resource
Missing Release of Resource after Effective Lifetime
Missing Reference to Active File Descriptor or Handle
Allocation of File Descriptors or Handles Without Limits or Throttling
Missing Release of File Descriptor or Handle after Effective Lifetime
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Regular Expression without Anchors
Insufficient Logging
Logging of Excessive Data
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Use of RSA Algorithm without OAEP
Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
Exposed IOCTL with Insufficient Access Control
Operator Precedence Logic Error
Reliance on Cookies without Validation and Integrity Checking in a Security Decision
Use of Path Manipulation Function without Maximum-sized Buffer
Access of Memory Location Before Start of Buffer
Out-of-bounds Write
Access of Memory Location After End of Buffer
Memory Allocation with Excessive Size Value
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Improper Filtering of Special Elements
Incomplete Filtering of Special Elements
Incomplete Filtering of One or More Instances of Special Elements
Only Filtering One Instance of a Special Element
Incomplete Filtering of Multiple Instances of Special Elements
Only Filtering Special Elements at a Specified Location
Only Filtering Special Elements Relative to a Marker
Only Filtering Special Elements at an Absolute Position
Use of Hard-coded Credentials
Improper Control of Interaction Frequency
J2EE Misconfiguration: Entity Bean Declared Remote
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Guessable CAPTCHA
Buffer Access with Incorrect Length Value
Buffer Access Using Size of Source Buffer
Reliance on Untrusted Inputs in a Security Decision
Improper Neutralization of Script in an Error Message Web Page
Improper Neutralization of Script in Attributes of IMG Tags in a Web Page
Missing Synchronization
Incorrect Synchronization
Untrusted Pointer Dereference
Use of Out-of-range Pointer Offset
Access of Uninitialized Pointer
Expired Pointer Dereference
Premature Release of Resource During Expected Lifetime
Improper Control of Document Type Definition
Signal Handler with Functionality that is not Asynchronous-Safe
Inclusion of Functionality from Untrusted Control Sphere
Improper Neutralization of Script in Attributes in a Web Page
Inclusion of Web Functionality from an Untrusted Source
Signal Handler Function Associated with Multiple Signals
Unlock of a Resource that is not Locked
Deadlock
Excessive Iteration
Loop with Unreachable Exit Condition ('Infinite Loop')
Use of Password Hash Instead of Password for Authentication
Improper Enforcement of a Single, Unique Action
Inappropriate Encoding for Output Context
Numeric Range Comparison Without Minimum Check
Improper Neutralization of Encoded URI Schemes in a Web Page
Improper Enforcement of Behavioral Workflow
Placement of User into Incorrect Group
Access of Resource Using Incompatible Type ('Type Confusion')
Doubled Character XSS Manipulations
Improper Neutralization of Invalid Characters in Identifiers in Web Pages
Missing Authorization
Incorrect Authorization
Improper Neutralization of Alternate XSS Syntax
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
J2EE Misconfiguration: Weak Access Permissions for EJB Methods
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Use of Uninitialized Resource
Missing Initialization of Resource
XML Injection (aka Blind XPath Injection)
Use of Expired File Descriptor
Improper Update of Reference Count
Hidden Functionality
Improper Control of Dynamically-Managed Code Resources
Improper Control of Dynamically-Identified Variables
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Use of Password Hash With Insufficient Computational Effort
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
Server-Side Request Forgery (SSRF)
Improper Restriction of Power Consumption
Storage of Sensitive Data in a Mechanism without Access Control
Insecure Storage of Sensitive Information
Improper Restriction of Communication Channel to Intended Endpoints
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
Improper Verification of Intent by Broadcast Receiver
Improper Export of Android Application Components
Use of Implicit Intent for Sensitive Communication
Improper Neutralization of CRLF Sequences ('CRLF Injection')
Improper Authorization in Handler for Custom URL Scheme
Improper Control of Generation of Code ('Code Injection')
Improper Verification of Source of a Communication Channel
Incorrectly Specified Destination in a Communication Channel
Permissive Cross-domain Policy with Untrusted Domains
Improper Neutralization of Special Elements in Data Query Logic
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Resource Identifiers ('Resource Injection')