Common Weakness Enumeration Dictionary

CWEid	Name
CWE-89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')	Issues 7350
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	Issues 6553
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer	Issues 1843
CWE-264	Permissions, Privileges, and Access Controls	Issues 1824
CWE-352	Cross-Site Request Forgery (CSRF)	Issues 1344
CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	Issues 888
CWE-78	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')	Issues 871
CWE-98	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion')	Issues 502
CWE-94	Improper Control of Generation of Code ('Code Injection')	Issues 369
CWE-20	Improper Input Validation	Issues 325
CWE-200	Information Exposure	Issues 310
CWE-601	URL Redirection to Untrusted Site ('Open Redirect')	Issues 274
CWE-287	Improper Authentication	Issues 227
CWE-399	Resource Management Errors	Issues 139
CWE-189	Numeric Errors	Issues 133
CWE-592	Authentication Bypass Issues	Issues 52
CWE-310	Cryptographic Issues	Issues 51
CWE-434	Unrestricted Upload of File with Dangerous Type	Issues 40
CWE-16	Configuration	Issues 36
CWE-284	Improper Access Control	Issues 34
CWE-476	NULL Pointer Dereference	Issues 33
CWE-255	Credentials Management	Issues 33
CWE-134	Uncontrolled Format String	Issues 32
CWE-59	Improper Link Resolution Before File Access ('Link Following')	Issues 23
CWE-400	Uncontrolled Resource Consumption ('Resource Exhaustion')	Issues 19
CWE-121	Stack-based Buffer Overflow	Issues 18
CWE-80	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)	Issues 17
CWE-288	Authentication Bypass Using an Alternate Path or Channel	Issues 14
CWE-285	Improper Authorization	Issues 13
CWE-269	Improper Privilege Management	Issues 12
CWE-306	Missing Authentication for Critical Function	Issues 12
CWE-276	Incorrect Default Permissions	Issues 11
CWE-321	Use of Hard-coded Cryptographic Key	Issues 11
CWE-502	Deserialization of Untrusted Data	Issues 11
CWE-23	Relative Path Traversal	Issues 10
CWE-611	Information Exposure Through XML External Entity Reference	Issues 10
CWE-538	File and Directory Information Exposure	Issues 9
CWE-319	Cleartext Transmission of Sensitive Information	Issues 8
CWE-522	Insufficiently Protected Credentials	Issues 7
CWE-123	Write-what-where Condition	Issues 7
CWE-427	Uncontrolled Search Path Element	Issues 7
CWE-428	Unquoted Search Path or Element	Issues 7
CWE-73	External Control of File Name or Path	Issues 6
CWE-345	Insufficient Verification of Data Authenticity	Issues 6
CWE-862	Missing Authorization	Issues 6
CWE-250	Execution with Unnecessary Privileges	Issues 6
CWE-259	Use of Hard-coded Password	Issues 5
CWE-93	Improper Neutralization of CRLF Sequences ('CRLF Injection')	Issues 5
CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')	Issues 5
CWE-122	Heap-based Buffer Overflow	Issues 5
CWE-190	Integer Overflow or Wraparound	Issues 5
CWE-863	Incorrect Authorization	Issues 5
CWE-266	Incorrect Privilege Assignment	Issues 4
CWE-280	Improper Handling of Insufficient Permissions or Privileges	Issues 4
CWE-548	Information Exposure Through Directory Listing	Issues 4
CWE-295	Certificate Issues	Issues 4
CWE-312	Cleartext Storage of Sensitive Information	Issues 4
CWE-598	Information Exposure Through Query Strings in GET Request	Issues 4
CWE-639	Authorization Bypass Through User-Controlled Key	Issues 4
CWE-384	Session Fixation	Issues 4