ASDR TOC Vulnerabilities

From OWASP

Back to TOC

1. Access control enforced by presentation layer
2. Accidental leaking of sensitive information through data queries
3. Accidental leaking of sensitive information through error messages
4. Accidental leaking of sensitive information through sent data
5. Addition of data-structure sentinel
6. Algorithmic Complexity
7. Allowing External Setting Manipulation
8. Allowing password aging
9. Alternate Channel Race Condition
10. Alternate Encoding
11. ASP.NET Misconfiguration: Creating Debug Binary
12. ASP.NET Misconfiguration: Missing Custom Error Handling
13. ASP.NET Misconfiguration: Password in Configuration File
14. Assigning instead of comparing
15. Authentication bypass by alternate name
16. Authentication Bypass by Alternate Path/Channel
17. Authentication Bypass by Primary Weakness
18. Authentication bypass by spoofing
19. Authentication Bypass via Assumed-Immutable Data
20. Authentication Error
21. Authentication Logic Error
22. Behavioral Change
23. Behavioral Discrepancy Infoleak
24. Behavioral problems
25. Buffer Overflow
26. Buffer over-read
27. Buffer under-read
28. Buffer underwrite
29. Bundling Issues
30. Byte/Object Code
31. Capture-replay
32. Case Sensitivity (lowercase, uppercase, mixed case)
33. Catch NullPointerException
34. Channel and Path Errors
35. Cleansing, Canonicalization, and Comparison Errors
36. Code Correctness: Call to System.gc()
37. Code Correctness: Call to Thread.run()
38. Code Correctness: Class Does Not Implement Cloneable
39. Code Correctness: Double-Checked Locking
40. Code Correctness: Erroneous finalize() Method
41. Code Correctness: Erroneous String Compare
42. Code Correctness: Misspelled Method Name
43. Code Correctness: null Argument to equals()
44. Collapse of Data into Unsafe Value
45. Common Special Element Manipulations
46. Comparing classes by name
47. Comparing instead of assigning
48. Comprehensive list of Threats to Authentication Procedures and Data
49. Context Switching Race Condition
50. Covert timing channel
51. CRLF Injection
52. Cross Site Scripting
53. Cross-Boundary Cleansing Infoleak
54. Dangerous Function
55. Dangerous handler not cleared/disabled during sensitive operations
56. Data Amplification
57. Data Leaking Between Users
58. Data Structure Issues
59. Dead Code: Broken Override
60. Dead Code: Expression is Always False
61. Dead Code: Expression is Always True
62. Dead Code: Unused Field
63. Dead Code: Unused Method
64. Deletion of data-structure sentinel
65. Delimiter between Expressions or Commands
66. Delimiter Problems
67. Deserialization of untrusted data
68. Directory Restriction Error
69. Discrepancy Information Leaks
70. Double Free
71. Doubled character XSS manipulations
72. Doubly freeing memory
73. Duplicate key in associative list (alist)
74. Early Amplification
75. EJB Bad Practices: Use of AWT/Swing
76. EJB Bad Practices: Use of Class Loader
77. EJB Bad Practices: Use of java.io
78. EJB Bad Practices: Use of Sockets
79. EJB Bad Practices: Use of Synchronization Primitives
80. Empty Catch Block
81. Empty String Password
82. Error Conditions, Return Values, Status Codes
83. Error Message Infoleaks
84. Escape, Meta, or Control Character / Sequence
85. Expected behavior violation
86. External behavioral inconsistency infoleak
87. External initialization of trusted variables or values
88. Extra Parameter Error
89. Extra Special Element
90. Extra Unhandled Features
91. Extra Value Error
92. Fails poorly due to insufficient permissions
93. Failure of true random number generator
94. Failure to account for default case in switch
95. Failure to add integrity check value
96. Failure to check for certificate revocation
97. Failure to check integrity check value
98. Failure to check whether privileges were dropped successfully
99. Failure to deallocate data
100. Failure to drop privileges when reasonable
101. Failure to encrypt data
102. Failure to follow chain of trust in certificate validation
103. Failure to protect stored data from modification
104. Failure to provide confidentiality for stored data
105. Failure to validate certificate expiration
106. Failure to validate host-specific certificate data
107. File Access Race Condition: TOCTOU
108. Format String
109. Format string problem
110. General Special Element Problems
111. Grouping Element / Paired Delimiter
112. Guessed or visible temporary file
113. Hard-Coded Password
114. Heap Inspection
115. Heap overflow
116. Ignored function return value
117. Illegal Pointer Value
118. Improper cleanup on thrown exception
119. Improper error handling
120. Improper Handler Deployment
121. Improper Null Termination
122. Improper resource shutdown or release
123. Improper string length checking
124. Improper temp file opening
125. Improperly Implemented Security Check for Standard
126. Improperly Trusted Reverse DNS
127. Improperly Verified Signature
128. Inadvertent
129. Incomplete Blacklist
130. Incomplete Cleanup
131. Incomplete Element
132. Incomplete Internal State Distinction
133. Inconsistent Elements
134. Inconsistent Implementations
135. Inconsistent Special Elements
136. Incorrect block delimitation
137. Incorrect initialization
138. Incorrect Privilege Assignment
139. Infoleak Using Debug Information
140. Information Leak (information disclosure)
141. Information leak through class cloning
142. Information leak through serialization
143. Information loss or omission
144. Initialization and Cleanup Errors
145. Injection problem
146. Input Terminator
147. Insecure Compiler Optimization
148. Insecure Default Permissions
149. Insecure default variable initialization
150. Insecure execution-assigned permissions
151. Insecure inherited permissions
152. Insecure preserved inherited permissions
153. Insecure Randomness
154. Insecure Temporary File
155. Installation Issues
156. Insufficient Entropy
157. Insufficient entropy in pseudo-random number generator
158. Insufficient privileges
159. Insufficient Resource Locking
160. Insufficient Resource Pool
161. Insufficient Type Distinction
162. Insufficient UI warning of dangerous operations
163. Insufficient Verification of Data
164. Integer coercion error
165. Integer overflow
166. Integer Overflow
167. Integer underflow (wrap or wraparound)
168. Intended information leak
169. Interaction Errors
170. Internal behavioral inconsistency infoleak
171. Internal Special Element
172. Invalid Characters in Identifiers
173. Invoking untrusted mobile code
174. J2EE Bad Practices: getConnection()
175. J2EE Bad Practices: JSP Expressions
176. J2EE Bad Practices: Sockets
177. J2EE Bad Practices: System.exit()
178. J2EE Bad Practices: Threads
179. J2EE Misconfiguration: Insecure Transport
180. J2EE Misconfiguration: Insufficient Session-ID Length
181. J2EE Misconfiguration: Missing Error Handling
182. J2EE Misconfiguration: Unsafe Bean Declaration
183. J2EE Misconfiguration: Weak Access Permissions
184. J2EE Time and State Issues
185. Key exchange without entity authentication
186. Key management errors
187. Leading Special Element
188. Least Privilege Violation
189. Leftover Debug Code
190. Length Parameter Inconsistency
191. Line Delimiter
192. Log Forging
193. Log injection
194. Mac virtual file problems
195. Macro symbol
196. Member Field Race Condition
197. Memory leak
198. Memory Leak
199. Miscalculated null termination
200. Misinterpretation error
201. Misinterpreted function return value
202. Missing access control
203. Missing critical step in authentication
204. Missing element error
205. Missing error status code
206. Missing handler
207. Missing initialization
208. Missing lock check
209. Missing parameter
210. Missing parameter error
211. Missing required cryptographic step
212. Missing special element
213. Missing value error
214. Missing XML Validation
215. Mixed encoding
216. Modification of assumed-immutable data
217. Multiple failed authentication attempts not prevented
218. Multiple internal special element
219. Multiple interpretation error (MIE)
220. Multiple interpretations of UI input
221. Multiple Leading Special Elements
222. Multiple Trailing Special Elements
223. Mutable object returned
224. Mutable objects passed by reference
225. No authentication for critical function
226. Non-cryptographic pseudo-random number generator
227. Non-exit on failed initialization
228. Non-replicating
229. Not allowing password aging
230. Not using a random initialization vector with cipher block chaining mode
231. Null character / null byte
232. Null Dereference
233. Null-pointer dereference
234. Numeric Byte Ordering Error
235. Numeric Errors
236. Object Model Violation: Just One of equals() and hashCode() Defined
237. Obscured Security-relevant Information by Alternate Name
238. Obsolete feature in UI
239. Off-by-one Error
240. Often Misused: Authentication
241. Often Misused: Exception Handling
242. Often Misused: File System
243. Often Misused: Path Manipulation
244. Often Misused: Privilege Management
245. Often Misused: String Management
246. Omission of Security-relevant Information
247. Omitted break statement
248. Open forward
249. Open redirect
250. Origin Validation Error
251. Other length calculation error
252. Out-of-bounds Read
253. Overflow of static internal buffer
254. Overly Restrictive Regular Expression
255. Overly-Broad Catch Block
256. Overly-Broad Throws Declaration
257. Ownership errors
258. Parameter Problems
259. Partial Comparison
260. Passing mutable objects to an untrusted method
261. Password Management: Hardcoded Password
262. Password Management: Weak Cryptography
263. Password Plaintext Storage
264. Patch Issues
265. Path Equivalence
266. Path Issue - asterix wildcard - filedir*
267. Path Issue - backslash absolute path - /absolute/pathname/here
268. Path Issue - directory doubled dot dot backslash
269. Path Issue - directory doubled dot dot slash
270. Path Issue - dirname/fakechild/
271. Path Issue - dot dot backslash
272. Path Issue - doubled dot dot slash
273. Path Issue - doubled triple dot slash
274. Path Issue - drive letter or Windows volume - 'C:dirname'
275. Path Issue - internal dot - 'file.ordir'
276. Path Issue - internal space - file(SPACE)name
277. Path Issue - leading directory dot dot backslash
278. Path Issue - leading directory dot dot slash
279. Path Issue - leading dot dot backslash
280. Path Issue - leading dot dot slash
281. Path Issue - leading space
282. Path Issue - multiple dot
283. Path Issue - multiple internal backslash
284. Path Issue - multiple leading slash
285. Path Issue - multiple trailing dot
286. Path Issue - multiple trailing slash
287. Path Issue - single dot directory
288. Path Issue - slash absolute path
289. Path Issue - trailing backslash
290. Path Issue - trailing dot
291. Path Issue - trailing slash
292. Path Issue - trailing space
293. Path Issue - triple dot
294. Path Issue - Windows 8.3 Filename
295. Path Issue - Windows UNC share - '/UNC/share/name/'
296. Pathname Traversal and Equivalence Errors
297. Permission errors
298. Permission preservation failure
299. Permissions, Privileges, and ACLs
300. Permissive Whitelist
301. PHP External Variable Modification
302. PHP File Inclusion
303. Plaintext Storage in Cookie
304. Plaintext Storage in Executable
305. Plaintext Storage in File or on Disk
306. Plaintext Storage in GUI
307. Plaintext Storage in Memory
308. Plaintext Storage of Sensitive Information
309. Pointer Issues
310. Poor Logging Practice: Logger Not Declared Static Final
311. Poor Logging Practice: Multiple Loggers
312. Poor Logging Practice: Use of a System Output Stream
313. Poor Style: Confusing Naming
314. Poor Style: Empty Synchronized Block
315. Poor Style: Explicit call to finalize()
316. Poor Style: Identifier Contains Dollar Symbol ($)
317. Portability Flaw
318. Porting Issues
319. Predictability problems
320. Predictable Exact Value from Previous Values
321. Predictable from Observable State
322. Predictable Seed in PRNG
323. Predictable Value Range from Previous Values
324. Privacy Violation
325. Private Array-Typed Field Returned From A Public Method
326. Privilege / sandbox errors
327. Privilege Chaining
328. Privilege Context Switching Error
329. Privilege Dropping / Lowering Errors
330. Privilege Management Error
331. PRNG Seed Error
332. Process Control
333. Process information infoleak to other processes
334. Product UI does not warn user of unsafe actions
335. Product-External Error Message Infoleak
336. Product-Generated Error Message Infoleak
337. Proxied Trusted Channel
338. Public Data Assigned to Private Array-Typed Field
339. Publicizing of private data when using inner classes
340. Quoting Element
341. Race condition enabling link following
342. Race condition in checking for certificate revocation
343. Race condition in signal handler
344. Race condition in switch
345. Race condition within a thread
346. Race Conditions
347. Randomness and Predictability
348. Record Delimiter
349. Reflection attack in an auth protocol
350. Reflection injection
351. Regular Expression Error
352. Relative path library search
353. Reliance on data layout
354. Relying on package-level scope
355. Representation Errors
356. Requirements Issues
357. Resource exhaustion
358. Resource leaks
359. Resource Locking problems
360. Resource Management Errors
361. Response discrepancy infoleak
362. Return Inside Finally Block
363. Reusing a nonce, key pair in encryption
364. Reversible One-Way Hash
365. Same Seed in PRNG
366. Section Delimiter
367. Sensitive Data Under FTP Root
368. Sensitive Data Under Web Root
369. Sensitive Information Uncleared Before Use
370. Session Fixation
371. Sign extension error
372. Signal Errors
373. Signed to unsigned conversion error
374. Small Seed Space in PRNG
375. Small Space of Random Values
376. Stack overflow
377. State synchronization error
378. Static Value in Unpredictable Context
379. Storing passwords in a recoverable format
380. String Termination Error
381. Struts: Duplicate Validation Forms
382. Struts: Erroneous validate() Method
383. Struts: Form Bean Does Not Extend Validation Class
384. Struts: Form Does Not Extend Validation Class
385. Struts: Form Field Without Validator
386. Struts: Plug-in Framework Not In Use
387. Struts: Unused Validation Form
388. Struts: Unvalidated Action Form
389. Struts: Validator Turned Off
390. Struts: Validator Without Form Field
391. Substitution Character
392. Symbolic name not mapping to correct object
393. System Configuration Issues
394. System Information Leak
395. System Information Leak: Missing Catch Block
396. System Operations Issues
397. Technology-specific Environment Issues
398. Technology-Specific Input Validation Problems
399. Technology-Specific Special Elements
400. Technology-Specific Time and State Issues
401. Template:Vulnerability
402. Temporary File Issues
403. Testing Issues
404. The UI performs the wrong action
405. Time and State
406. Time of check, time of use race condition
407. Time of Introduction
408. Time-of-check Time-of-use race condition
409. Timing discrepancy infoleak
410. Trailing Special Element
411. Trapdoor
412. Truncation error
413. Truncation of Security-relevant Information
414. Trust Boundary Violation
415. Trust of system event data
416. Trusting self-reported DNS name
417. Trusting self-reported IP address
418. UI Misrepresentation of Critical Information
419. Uncaught exception
420. Unchecked array indexing
421. Unchecked Error Condition
422. Unchecked Return Value
423. Unchecked Return Value: Missing Check against Null
424. Uncontrolled Search Path Element
425. Undefined Behavior
426. Undefined Parameter Error
427. Undefined Value Error
428. Unexpected Status Code or Return Value
429. Unimplemented or unsupported feature in UI
430. Uninitialized variable
431. Uninitialized Variable
432. Unintended proxy/intermediary
433. Unintentional pointer scaling
434. UNIX file descriptor leak
435. UNIX hard link
436. UNIX Path Link problems
437. UNIX symbolic link (symlink) following
438. Unparsed Raw Web Content Delivery
439. Unprotected Alternate Channel
440. Unprotected Primary Channel
441. Unquoted Search Path or Element
442. Unreleased Resource
443. Unrestricted Critical Resource Lock
444. Unrestricted File Upload
445. Unsafe function call from a signal handler
446. Unsafe JNI
447. Unsafe Mobile Code: Access Violation
448. Unsafe Mobile Code: Dangerous Array Declaration
449. Unsafe Mobile Code: Dangerous Public Field
450. Unsafe Mobile Code: Inner Class
451. Unsafe Mobile Code: Public finalize() Method
452. Unsafe Privilege
453. Unsafe Reflection
454. Unsigned to signed conversion error
455. Untrusted Data Appended with Trusted Data
456. Unverified Ownership
457. URL Encoding (Hex Encoding)
458. Use of hard-coded password
459. Use of Less Trusted Source
460. Use of Obsolete Methods
461. Use of sizeof() on a pointer type
462. User interface inconsistency
463. User Interface Quality Errors
464. User Interface Security Errors
465. User management errors
466. Using a broken or risky cryptographic algorithm
467. Using a key past its expiration date
468. Using freed memory
469. Using password systems
470. Using referer field for authentication or authorization
471. Using single-factor authentication
472. Using the wrong operator
473. Validate-Before-Canonicalize
474. Validate-Before-Filter
475. Validation performed in client
476. Value Delimiter
477. Value Problems
478. Variable Name Delimiter
479. Virtual Files
480. Weak credentials
481. Weak Encryption
482. Wrap-around error
483. Write-what-where condition
484. Wrong Data Type
485. Wrong Status Code

Back to TOC