Mars's 5εcur1ty Memo

A technical blog centered on information security, updated irregularly with CTF write-ups, vulnerability verification, bug bounty report analysis, and more.

Articles for the 1-day period starting 2019-02-21

HTTP Requests with curl: How to Use curl

qiita.com

List of Key CWE Vulnerabilities: Tainted Input

CRLF Injection (CWE-93), Code Injection (CWE-94), Command Injection - Generic (CWE-77), Cross-site Scripting (XSS) - DOM (CWE-79), Cross-site Scripting (XSS) - Generic (CWE-79), Cross-site Scripting (XSS) - Reflected (CWE-79), Cross-site Scripting (XS…

List of Key CWE Vulnerabilities: Secure Design

Business Logic Errors (CWE-840), Cleartext Storage of Sensitive Information (CWE-312), Cleartext Transmission of Sensitive Information (CWE-319), Denial of Service (CWE-400), Deserialization of Untrusted Data (CWE-502), Information Disclosure (CWE-2…

List of Key CWE Vulnerabilities: Memory Corruption

Array Index Underflow (CWE-129), Buffer Over-read (CWE-126), Buffer Under-read (CWE-127), Buffer Underflow (CWE-124), Classic Buffer Overflow (CWE-120), Double Free (CWE-415), Heap Overflow (CWE-122), Improper Null Termination (CWE-170), Incorrect Calcula…

List of Key CWE Vulnerabilities: Cryptographic Issues

Cryptographic Issues - Generic (CWE-310), Improper Certificate Validation (CWE-295), Improper Following of a Certificate's Chain of Trust (CWE-296), Inadequate Encryption Strength (CWE-326), Key Exchange without Entity Authentication (CWE-322), Miss…

List of Key CWE Vulnerabilities: Access Control

Brute Force (CWE-307), Forced Browsing (CWE-425), Improper Access Control - Generic (CWE-284), Improper Authentication - Generic (CWE-287), Information Disclosure (CWE-200), Information Exposure Through Debug Information (CWE-215), Information Exposur…

List of Key CWE Vulnerabilities: OWASP Top 10 mobile 2016

Brute Force (CWE-307), Cleartext Transmission of Sensitive Information (CWE-319), Client-Side Enforcement of Server-Side Security (CWE-602), Command Injection - Generic (CWE-77), Cross-Site Request Forgery (CSRF) (CWE-352), Cross-site Scripting (XSS…

List of Key CWE Vulnerabilities: OWASP Top 10

・2013: Cleartext Storage of Sensitive Information (CWE-312), Cleartext Transmission of Sensitive Information (CWE-319), Command Injection - Generic (CWE-77), Cross-Site Request Forgery (CSRF) (CWE-352), Cross-site Scripting (XSS) - DOM (CWE-79), C…

Copyright Mars 2019