CodeQL documentation

CWE coverage for C and C++

An overview of CWE coverage for C and C++ in the latest release of CodeQL.

Overview

CWE Language Query id Query name
CWE-14 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE-20 C/C++ cpp/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data
CWE-20 C/C++ cpp/count-untrusted-data-external-api-ir Frequency counts for external APIs that are used with untrusted data
CWE-20 C/C++ cpp/untrusted-data-to-external-api-ir Untrusted data passed to external API
CWE-20 C/C++ cpp/untrusted-data-to-external-api Untrusted data passed to external API
CWE-20 C/C++ cpp/uncontrolled-process-operation Uncontrolled process operation
CWE-20 C/C++ cpp/unclear-array-index-validation Unclear validation of array index
CWE-20 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-20 C/C++ cpp/late-check-of-function-argument Late Check Of Function Argument
CWE-20 C/C++ cpp/linux-kernel-no-check-before-unsafe-put-user Linux kernel no check before unsafe_put_user vulnerability detection
CWE-22 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-23 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-36 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-73 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-74 C/C++ cpp/non-constant-format Non-constant format string
CWE-74 C/C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE-74 C/C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting
CWE-74 C/C++ cpp/sql-injection Uncontrolled data in SQL query
CWE-74 C/C++ cpp/tainted-format-string Uncontrolled format string
CWE-74 C/C++ cpp/wordexp-injection Uncontrolled data used in wordexp command
CWE-77 C/C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE-77 C/C++ cpp/wordexp-injection Uncontrolled data used in wordexp command
CWE-78 C/C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE-78 C/C++ cpp/wordexp-injection Uncontrolled data used in wordexp command
CWE-79 C/C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting
CWE-88 C/C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE-89 C/C++ cpp/sql-injection Uncontrolled data in SQL query
CWE-114 C/C++ cpp/uncontrolled-process-operation Uncontrolled process operation
CWE-118 C/C++ cpp/offset-use-before-range-check Array offset used before range check
CWE-118 C/C++ cpp/double-free Potential double free
CWE-118 C/C++ cpp/late-negative-test Pointer offset used before it is checked
CWE-118 C/C++ cpp/missing-negativity-test Unchecked return value used as offset
CWE-118 C/C++ cpp/overflow-calculated Buffer not sufficient for string
CWE-118 C/C++ cpp/overflow-destination Copy function using source size
CWE-118 C/C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE-118 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-118 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-118 C/C++ cpp/use-after-free Potential use after free
CWE-118 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE-118 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE-118 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE-118 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE-118 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE-118 C/C++ cpp/using-expired-stack-address Use of expired stack-address
CWE-118 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-118 C/C++ cpp/overrun-write Overrunning write
CWE-118 C/C++ cpp/badly-bounded-write Badly bounded write
CWE-118 C/C++ cpp/overrunning-write Potentially overrunning write
CWE-118 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE-118 C/C++ cpp/unbounded-write Unbounded write
CWE-118 C/C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE-118 C/C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE-118 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-118 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference
CWE-118 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE-118 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-118 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-118 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-118 C/C++ cpp/memory-unsafe-function-scan Scanf function without a specified length
CWE-118 C/C++ cpp/dangerous-use-convert-function Dangerous use convert function.
CWE-118 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-118 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-118 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-118 C/C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic
CWE-118 C/C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer
CWE-118 C/C++ cpp/buffer-access-with-incorrect-length-value Buffer access with incorrect length value
CWE-119 C/C++ cpp/offset-use-before-range-check Array offset used before range check
CWE-119 C/C++ cpp/double-free Potential double free
CWE-119 C/C++ cpp/late-negative-test Pointer offset used before it is checked
CWE-119 C/C++ cpp/missing-negativity-test Unchecked return value used as offset
CWE-119 C/C++ cpp/overflow-calculated Buffer not sufficient for string
CWE-119 C/C++ cpp/overflow-destination Copy function using source size
CWE-119 C/C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE-119 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-119 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-119 C/C++ cpp/use-after-free Potential use after free
CWE-119 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE-119 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE-119 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE-119 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE-119 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE-119 C/C++ cpp/using-expired-stack-address Use of expired stack-address
CWE-119 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-119 C/C++ cpp/overrun-write Overrunning write
CWE-119 C/C++ cpp/badly-bounded-write Badly bounded write
CWE-119 C/C++ cpp/overrunning-write Potentially overrunning write
CWE-119 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE-119 C/C++ cpp/unbounded-write Unbounded write
CWE-119 C/C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE-119 C/C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE-119 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-119 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference
CWE-119 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE-119 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-119 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-119 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-119 C/C++ cpp/memory-unsafe-function-scan Scanf function without a specified length
CWE-119 C/C++ cpp/dangerous-use-convert-function Dangerous use convert function.
CWE-119 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-119 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-119 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-119 C/C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic
CWE-119 C/C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer
CWE-119 C/C++ cpp/buffer-access-with-incorrect-length-value Buffer access with incorrect length value
CWE-120 C/C++ cpp/offset-use-before-range-check Array offset used before range check
CWE-120 C/C++ cpp/overflow-calculated Buffer not sufficient for string
CWE-120 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE-120 C/C++ cpp/badly-bounded-write Badly bounded write
CWE-120 C/C++ cpp/overrunning-write Potentially overrunning write
CWE-120 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE-120 C/C++ cpp/unbounded-write Unbounded write
CWE-120 C/C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE-120 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-120 C/C++ cpp/memory-unsafe-function-scan Scanf function without a specified length
CWE-121 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-121 C/C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE-122 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-122 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-122 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-122 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-125 C/C++ cpp/offset-use-before-range-check Array offset used before range check
CWE-125 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-125 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference
CWE-125 C/C++ cpp/dangerous-use-convert-function Dangerous use convert function.
CWE-126 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-128 C/C++ cpp/signed-overflow-check Signed overflow check
CWE-128 C/C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation
CWE-129 C/C++ cpp/unclear-array-index-validation Unclear validation of array index
CWE-131 C/C++ cpp/overflow-calculated Buffer not sufficient for string
CWE-131 C/C++ cpp/overflow-destination Copy function using source size
CWE-131 C/C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE-131 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-131 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-131 C/C++ cpp/overrun-write Overrunning write
CWE-131 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-134 C/C++ cpp/non-constant-format Non-constant format string
CWE-134 C/C++ cpp/tainted-format-string Uncontrolled format string
CWE-170 C/C++ cpp/improper-null-termination Potential improper null termination
CWE-170 C/C++ cpp/user-controlled-null-termination-tainted User-controlled data may not be null terminated
CWE-190 C/C++ cpp/ambiguously-signed-bit-field Ambiguously signed bit-field member
CWE-190 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE-190 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE-190 C/C++ cpp/signed-overflow-check Signed overflow check
CWE-190 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-190 C/C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression
CWE-190 C/C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression
CWE-190 C/C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression
CWE-190 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-190 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE-190 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-190 C/C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation
CWE-190 C/C++ cpp/dangerous-use-of-transformation-after-operation Dangerous use of transformation after operation.
CWE-190 C/C++ cpp/signed-bit-field Possible signed bit-field member
CWE-191 C/C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression
CWE-191 C/C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression
CWE-191 C/C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression
CWE-191 C/C++ cpp/unsigned-difference-expression-compared-zero Unsigned difference expression compared to zero
CWE-193 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference
CWE-197 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE-197 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-197 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE-200 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-200 C/C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE-200 C/C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE-200 C/C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions.
CWE-200 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-200 C/C++ cpp/private-cleartext-write Exposure of private information
CWE-227 C/C++ cpp/double-free Potential double free
CWE-227 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function
CWE-227 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-227 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-227 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-227 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE-227 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-227 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE-227 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE-227 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-227 C/C++ cpp/twice-locked Mutex locked twice
CWE-227 C/C++ cpp/unreleased-lock Lock may not be released
CWE-227 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-227 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-227 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-227 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-227 C/C++ cpp/double-release Errors When Double Release
CWE-228 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-228 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-233 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-233 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-234 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-234 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-242 C/C++ cpp/dangerous-function-overflow Use of dangerous function
CWE-243 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-248 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE-252 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-252 C/C++ cpp/return-value-ignored Return value of a function is ignored
CWE-252 C/C++ cpp/inconsistent-call-on-result Inconsistent operation on return value
CWE-252 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE-252 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-252 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-253 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function
CWE-253 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-253 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-253 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE-260 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-266 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-269 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-269 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-271 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-273 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-284 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE-284 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-284 C/C++ cpp/world-writable-file-creation File created without restricting permissions
CWE-284 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE-284 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-284 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-284 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-284 C/C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE-285 C/C++ cpp/world-writable-file-creation File created without restricting permissions
CWE-285 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE-285 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-285 C/C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE-287 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE-287 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-290 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE-295 C/C++ cpp/certificate-result-conflation Certificate result conflation
CWE-295 C/C++ cpp/certificate-not-checked Certificate not checked
CWE-311 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE-311 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-311 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-311 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE-311 C/C++ cpp/non-https-url Failure to use HTTPS URLs
CWE-312 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE-312 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-312 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE-313 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-313 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE-319 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-319 C/C++ cpp/non-https-url Failure to use HTTPS URLs
CWE-326 C/C++ cpp/boost/tls-settings-misconfiguration boost::asio TLS settings misconfiguration
CWE-326 C/C++ cpp/insufficient-key-size Use of a cryptographic algorithm with insufficient key size
CWE-326 C/C++ cpp/unknown-asymmetric-key-gen-size Unknown key generation key size
CWE-326 C/C++ cpp/weak-asymmetric-key-gen-size Weak asymmetric key generation key size (< 2048 bits)
CWE-327 C/C++ cpp/boost/use-of-deprecated-hardcoded-security-protocol boost::asio use of deprecated hardcoded protocol
CWE-327 C/C++ cpp/weak-cryptographic-algorithm Use of a broken or risky cryptographic algorithm
CWE-327 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE-327 C/C++ cpp/weak-block-mode Weak block mode
CWE-327 C/C++ cpp/weak-elliptic-curve Weak elliptic curve
CWE-327 C/C++ cpp/weak-crypto/banned-encryption-algorithms Weak cryptography
CWE-327 C/C++ cpp/weak-crypto/banned-hash-algorithms Weak cryptography
CWE-345 C/C++ cpp/non-https-url Failure to use HTTPS URLs
CWE-359 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-359 C/C++ cpp/private-cleartext-write Exposure of private information
CWE-362 C/C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition
CWE-362 C/C++ cpp/linux-kernel-double-fetch-vulnerability Linux kernel double-fetch vulnerability detection
CWE-367 C/C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition
CWE-369 C/C++ cpp/divide-by-zero-using-return-value Divide by zero using return value
CWE-377 C/C++ cpp/insecure-generation-of-filename Insecure generation of filenames.
CWE-390 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE-398 C/C++ cpp/unused-local-variable Unused local variable
CWE-398 C/C++ cpp/unused-static-function Unused static function
CWE-398 C/C++ cpp/unused-static-variable Unused static variable
CWE-398 C/C++ cpp/dead-code-condition Branching condition always evaluates to same value
CWE-398 C/C++ cpp/dead-code-function Function is never called
CWE-398 C/C++ cpp/dead-code-goto Dead code due to goto or break statement
CWE-398 C/C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer
CWE-398 C/C++ cpp/missing-null-test Returned pointer not checked
CWE-398 C/C++ cpp/unused-variable Variable is assigned a value that is never read
CWE-398 C/C++ cpp/fixme-comment FIXME comment
CWE-398 C/C++ cpp/todo-comment TODO comment
CWE-398 C/C++ cpp/inconsistent-null-check Inconsistent nullness check
CWE-398 C/C++ cpp/useless-expression Expression has no effect
CWE-398 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE-398 C/C++ cpp/suspicious-call-to-memset Suspicious call to memset
CWE-398 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE-398 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE-398 C/C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference
CWE-398 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-398 C/C++ cpp/dangerous-function-overflow Use of dangerous function
CWE-398 C/C++ cpp/dangerous-cin Dangerous use of 'cin'
CWE-398 C/C++ cpp/potentially-dangerous-function Use of potentially dangerous function
CWE-398 C/C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter
CWE-398 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-398 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE-400 C/C++ cpp/catch-missing-free Leaky catch
CWE-400 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE-400 C/C++ cpp/descriptor-never-closed Open descriptor never closed
CWE-400 C/C++ cpp/file-may-not-be-closed Open file may not be closed
CWE-400 C/C++ cpp/file-never-closed Open file is not closed
CWE-400 C/C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE-400 C/C++ cpp/memory-never-freed Memory is never freed
CWE-400 C/C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE-400 C/C++ cpp/alloca-in-loop Call to alloca in a loop
CWE-400 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-400 C/C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE-401 C/C++ cpp/catch-missing-free Leaky catch
CWE-401 C/C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE-401 C/C++ cpp/memory-never-freed Memory is never freed
CWE-401 C/C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE-401 C/C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE-404 C/C++ cpp/catch-missing-free Leaky catch
CWE-404 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE-404 C/C++ cpp/descriptor-never-closed Open descriptor never closed
CWE-404 C/C++ cpp/file-may-not-be-closed Open file may not be closed
CWE-404 C/C++ cpp/file-never-closed Open file is not closed
CWE-404 C/C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE-404 C/C++ cpp/memory-never-freed Memory is never freed
CWE-404 C/C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE-404 C/C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE-404 C/C++ cpp/resource-not-released-in-destructor Resource not released in destructor
CWE-415 C/C++ cpp/double-free Potential double free
CWE-415 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-415 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-416 C/C++ cpp/use-after-free Potential use after free
CWE-416 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-416 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-416 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-416 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-428 C/C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess
CWE-435 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE-456 C/C++ cpp/initialization-not-run Initialization code not run
CWE-457 C/C++ cpp/global-use-before-init Global variable may be used before initialization
CWE-457 C/C++ cpp/not-initialised Variable not initialized before use
CWE-457 C/C++ cpp/uninitialized-local Potentially uninitialized local variable
CWE-457 C/C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable
CWE-467 C/C++ cpp/suspicious-sizeof Suspicious 'sizeof' use
CWE-468 C/C++ cpp/suspicious-pointer-scaling Suspicious pointer scaling
CWE-468 C/C++ cpp/incorrect-pointer-scaling-char Suspicious pointer scaling to char
CWE-468 C/C++ cpp/suspicious-pointer-scaling-void Suspicious pointer scaling to void
CWE-468 C/C++ cpp/suspicious-add-sizeof Suspicious add with sizeof
CWE-476 C/C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer
CWE-476 C/C++ cpp/missing-null-test Returned pointer not checked
CWE-476 C/C++ cpp/inconsistent-null-check Inconsistent nullness check
CWE-476 C/C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference
CWE-476 C/C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter
CWE-476 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-478 C/C++ cpp/missing-case-in-switch Missing enum case in switch
CWE-478 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE-480 C/C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE-480 C/C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE-480 C/C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage
CWE-480 C/C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag
CWE-480 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-480 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE-481 C/C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE-482 C/C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE-497 C/C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE-497 C/C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE-522 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-546 C/C++ cpp/fixme-comment FIXME comment
CWE-546 C/C++ cpp/todo-comment TODO comment
CWE-560 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-561 C/C++ cpp/unused-static-function Unused static function
CWE-561 C/C++ cpp/dead-code-condition Branching condition always evaluates to same value
CWE-561 C/C++ cpp/dead-code-function Function is never called
CWE-561 C/C++ cpp/dead-code-goto Dead code due to goto or break statement
CWE-561 C/C++ cpp/useless-expression Expression has no effect
CWE-561 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-561 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE-563 C/C++ cpp/unused-local-variable Unused local variable
CWE-563 C/C++ cpp/unused-static-variable Unused static variable
CWE-563 C/C++ cpp/unused-variable Variable is assigned a value that is never read
CWE-570 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-573 C/C++ cpp/double-free Potential double free
CWE-573 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function
CWE-573 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-573 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-573 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-573 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE-573 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-573 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE-573 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE-573 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-573 C/C++ cpp/twice-locked Mutex locked twice
CWE-573 C/C++ cpp/unreleased-lock Lock may not be released
CWE-573 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-573 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-573 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-573 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-573 C/C++ cpp/double-release Errors When Double Release
CWE-592 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE-610 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-610 C/C++ cpp/external-entity-expansion XML external entity expansion
CWE-611 C/C++ cpp/external-entity-expansion XML external entity expansion
CWE-628 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-628 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE-628 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-628 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-642 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-662 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-662 C/C++ cpp/twice-locked Mutex locked twice
CWE-662 C/C++ cpp/unreleased-lock Lock may not be released
CWE-664 C/C++ cpp/catch-missing-free Leaky catch
CWE-664 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE-664 C/C++ cpp/descriptor-never-closed Open descriptor never closed
CWE-664 C/C++ cpp/double-free Potential double free
CWE-664 C/C++ cpp/file-may-not-be-closed Open file may not be closed
CWE-664 C/C++ cpp/file-never-closed Open file is not closed
CWE-664 C/C++ cpp/global-use-before-init Global variable may be used before initialization
CWE-664 C/C++ cpp/initialization-not-run Initialization code not run
CWE-664 C/C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE-664 C/C++ cpp/memory-never-freed Memory is never freed
CWE-664 C/C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE-664 C/C++ cpp/not-initialised Variable not initialized before use
CWE-664 C/C++ cpp/use-after-free Potential use after free
CWE-664 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE-664 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE-664 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE-664 C/C++ cpp/alloca-in-loop Call to alloca in a loop
CWE-664 C/C++ cpp/improper-null-termination Potential improper null termination
CWE-664 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE-664 C/C++ cpp/uninitialized-local Potentially uninitialized local variable
CWE-664 C/C++ cpp/using-expired-stack-address Use of expired stack-address
CWE-664 C/C++ cpp/self-assignment-check Self assignment check
CWE-664 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-664 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-664 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE-664 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-664 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE-664 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE-664 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-664 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-664 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE-664 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-664 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-664 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-664 C/C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess
CWE-664 C/C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable
CWE-664 C/C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE-664 C/C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE-664 C/C++ cpp/external-entity-expansion XML external entity expansion
CWE-664 C/C++ cpp/incorrect-string-type-conversion Cast from char to wchar_t
CWE-664 C/C++ cpp/world-writable-file-creation File created without restricting permissions
CWE-664 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE-664 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-664 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-664 C/C++ cpp/twice-locked Mutex locked twice
CWE-664 C/C++ cpp/unreleased-lock Lock may not be released
CWE-664 C/C++ cpp/type-confusion Type confusion
CWE-664 C/C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions.
CWE-664 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-664 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-664 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-664 C/C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE-664 C/C++ cpp/private-cleartext-write Exposure of private information
CWE-664 C/C++ cpp/insecure-generation-of-filename Insecure generation of filenames.
CWE-664 C/C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE-664 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-664 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-664 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-664 C/C++ cpp/double-release Errors When Double Release
CWE-664 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE-664 C/C++ cpp/resource-not-released-in-destructor Resource not released in destructor
CWE-665 C/C++ cpp/global-use-before-init Global variable may be used before initialization
CWE-665 C/C++ cpp/initialization-not-run Initialization code not run
CWE-665 C/C++ cpp/not-initialised Variable not initialized before use
CWE-665 C/C++ cpp/alloca-in-loop Call to alloca in a loop
CWE-665 C/C++ cpp/improper-null-termination Potential improper null termination
CWE-665 C/C++ cpp/uninitialized-local Potentially uninitialized local variable
CWE-665 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-665 C/C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable
CWE-666 C/C++ cpp/double-free Potential double free
CWE-666 C/C++ cpp/use-after-free Potential use after free
CWE-666 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE-666 C/C++ cpp/using-expired-stack-address Use of expired stack-address
CWE-666 C/C++ cpp/self-assignment-check Self assignment check
CWE-666 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-666 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-666 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-666 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-666 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-666 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-666 C/C++ cpp/double-release Errors When Double Release
CWE-667 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-667 C/C++ cpp/twice-locked Mutex locked twice
CWE-667 C/C++ cpp/unreleased-lock Lock may not be released
CWE-668 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-668 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-668 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-668 C/C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess
CWE-668 C/C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE-668 C/C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE-668 C/C++ cpp/world-writable-file-creation File created without restricting permissions
CWE-668 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE-668 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-668 C/C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions.
CWE-668 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-668 C/C++ cpp/private-cleartext-write Exposure of private information
CWE-668 C/C++ cpp/insecure-generation-of-filename Insecure generation of filenames.
CWE-669 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-670 C/C++ cpp/comma-before-misleading-indentation Comma before misleading indentation
CWE-670 C/C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE-670 C/C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE-670 C/C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage
CWE-670 C/C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag
CWE-670 C/C++ cpp/unsafe-use-of-this Unsafe use of this in constructor
CWE-670 C/C++ cpp/dangerous-use-of-ssl-shutdown Dangerous use SSL_shutdown.
CWE-670 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-670 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE-672 C/C++ cpp/double-free Potential double free
CWE-672 C/C++ cpp/use-after-free Potential use after free
CWE-672 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE-672 C/C++ cpp/using-expired-stack-address Use of expired stack-address
CWE-672 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-672 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-672 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-672 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-672 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-672 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-675 C/C++ cpp/double-free Potential double free
CWE-675 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-675 C/C++ cpp/twice-locked Mutex locked twice
CWE-675 C/C++ cpp/unreleased-lock Lock may not be released
CWE-675 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-675 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-675 C/C++ cpp/double-release Errors When Double Release
CWE-676 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE-676 C/C++ cpp/suspicious-call-to-memset Suspicious call to memset
CWE-676 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE-676 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE-676 C/C++ cpp/dangerous-function-overflow Use of dangerous function
CWE-676 C/C++ cpp/dangerous-cin Dangerous use of 'cin'
CWE-676 C/C++ cpp/potentially-dangerous-function Use of potentially dangerous function
CWE-681 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE-681 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE-681 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-681 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE-682 C/C++ cpp/overflow-calculated Buffer not sufficient for string
CWE-682 C/C++ cpp/overflow-destination Copy function using source size
CWE-682 C/C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE-682 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-682 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-682 C/C++ cpp/ambiguously-signed-bit-field Ambiguously signed bit-field member
CWE-682 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE-682 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE-682 C/C++ cpp/signed-overflow-check Signed overflow check
CWE-682 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-682 C/C++ cpp/suspicious-sizeof Suspicious 'sizeof' use
CWE-682 C/C++ cpp/overrun-write Overrunning write
CWE-682 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-682 C/C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression
CWE-682 C/C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression
CWE-682 C/C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression
CWE-682 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-682 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE-682 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-682 C/C++ cpp/unsigned-difference-expression-compared-zero Unsigned difference expression compared to zero
CWE-682 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference
CWE-682 C/C++ cpp/suspicious-pointer-scaling Suspicious pointer scaling
CWE-682 C/C++ cpp/incorrect-pointer-scaling-char Suspicious pointer scaling to char
CWE-682 C/C++ cpp/suspicious-pointer-scaling-void Suspicious pointer scaling to void
CWE-682 C/C++ cpp/suspicious-add-sizeof Suspicious add with sizeof
CWE-682 C/C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation
CWE-682 C/C++ cpp/dangerous-use-of-transformation-after-operation Dangerous use of transformation after operation.
CWE-682 C/C++ cpp/divide-by-zero-using-return-value Divide by zero using return value
CWE-682 C/C++ cpp/signed-bit-field Possible signed bit-field member
CWE-685 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-685 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-686 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE-687 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-691 C/C++ cpp/comma-before-misleading-indentation Comma before misleading indentation
CWE-691 C/C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE-691 C/C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE-691 C/C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage
CWE-691 C/C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag
CWE-691 C/C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop
CWE-691 C/C++ cpp/unsafe-use-of-this Unsafe use of this in constructor
CWE-691 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-691 C/C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition
CWE-691 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-691 C/C++ cpp/twice-locked Mutex locked twice
CWE-691 C/C++ cpp/unreleased-lock Lock may not be released
CWE-691 C/C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition
CWE-691 C/C++ cpp/linux-kernel-double-fetch-vulnerability Linux kernel double-fetch vulnerability detection
CWE-691 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE-691 C/C++ cpp/dangerous-use-of-ssl-shutdown Dangerous use SSL_shutdown.
CWE-691 C/C++ cpp/errors-after-refactoring Errors After Refactoring
CWE-691 C/C++ cpp/errors-when-using-bit-operations Errors When Using Bit Operations
CWE-691 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE-691 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-691 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE-693 C/C++ cpp/boost/tls-settings-misconfiguration boost::asio TLS settings misconfiguration
CWE-693 C/C++ cpp/boost/use-of-deprecated-hardcoded-security-protocol boost::asio use of deprecated hardcoded protocol
CWE-693 C/C++ cpp/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data
CWE-693 C/C++ cpp/count-untrusted-data-external-api-ir Frequency counts for external APIs that are used with untrusted data
CWE-693 C/C++ cpp/untrusted-data-to-external-api-ir Untrusted data passed to external API
CWE-693 C/C++ cpp/untrusted-data-to-external-api Untrusted data passed to external API
CWE-693 C/C++ cpp/uncontrolled-process-operation Uncontrolled process operation
CWE-693 C/C++ cpp/unclear-array-index-validation Unclear validation of array index
CWE-693 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-693 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE-693 C/C++ cpp/certificate-result-conflation Certificate result conflation
CWE-693 C/C++ cpp/certificate-not-checked Certificate not checked
CWE-693 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE-693 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-693 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE-693 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE-693 C/C++ cpp/non-https-url Failure to use HTTPS URLs
CWE-693 C/C++ cpp/insufficient-key-size Use of a cryptographic algorithm with insufficient key size
CWE-693 C/C++ cpp/weak-cryptographic-algorithm Use of a broken or risky cryptographic algorithm
CWE-693 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE-693 C/C++ cpp/world-writable-file-creation File created without restricting permissions
CWE-693 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE-693 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-693 C/C++ cpp/tainted-permissions-check Untrusted input for a condition
CWE-693 C/C++ cpp/late-check-of-function-argument Late Check Of Function Argument
CWE-693 C/C++ cpp/linux-kernel-no-check-before-unsafe-put-user Linux kernel no check before unsafe_put_user vulnerability detection
CWE-693 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-693 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-693 C/C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE-693 C/C++ cpp/unknown-asymmetric-key-gen-size Unknown key generation key size
CWE-693 C/C++ cpp/weak-asymmetric-key-gen-size Weak asymmetric key generation key size (< 2048 bits)
CWE-693 C/C++ cpp/weak-block-mode Weak block mode
CWE-693 C/C++ cpp/weak-elliptic-curve Weak elliptic curve
CWE-693 C/C++ cpp/weak-crypto/banned-encryption-algorithms Weak cryptography
CWE-693 C/C++ cpp/weak-crypto/banned-hash-algorithms Weak cryptography
CWE-697 C/C++ cpp/missing-case-in-switch Missing enum case in switch
CWE-697 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE-703 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function
CWE-703 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-703 C/C++ cpp/return-value-ignored Return value of a function is ignored
CWE-703 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-703 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-703 C/C++ cpp/inconsistent-call-on-result Inconsistent operation on return value
CWE-703 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-703 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE-703 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE-703 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-703 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-703 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-703 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE-703 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE-704 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE-704 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE-704 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE-704 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-704 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE-704 C/C++ cpp/incorrect-string-type-conversion Cast from char to wchar_t
CWE-704 C/C++ cpp/type-confusion Type confusion
CWE-705 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE-706 C/C++ cpp/path-injection Uncontrolled data used in path expression
CWE-707 C/C++ cpp/non-constant-format Non-constant format string
CWE-707 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-707 C/C++ cpp/improper-null-termination Potential improper null termination
CWE-707 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-707 C/C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE-707 C/C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting
CWE-707 C/C++ cpp/sql-injection Uncontrolled data in SQL query
CWE-707 C/C++ cpp/tainted-format-string Uncontrolled format string
CWE-707 C/C++ cpp/user-controlled-null-termination-tainted User-controlled data may not be null terminated
CWE-707 C/C++ cpp/wordexp-injection Uncontrolled data used in wordexp command
CWE-710 C/C++ cpp/unused-local-variable Unused local variable
CWE-710 C/C++ cpp/unused-static-function Unused static function
CWE-710 C/C++ cpp/unused-static-variable Unused static variable
CWE-710 C/C++ cpp/dead-code-condition Branching condition always evaluates to same value
CWE-710 C/C++ cpp/dead-code-function Function is never called
CWE-710 C/C++ cpp/dead-code-goto Dead code due to goto or break statement
CWE-710 C/C++ cpp/double-free Potential double free
CWE-710 C/C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer
CWE-710 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function
CWE-710 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-710 C/C++ cpp/missing-null-test Returned pointer not checked
CWE-710 C/C++ cpp/unused-variable Variable is assigned a value that is never read
CWE-710 C/C++ cpp/fixme-comment FIXME comment
CWE-710 C/C++ cpp/todo-comment TODO comment
CWE-710 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-710 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE-710 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE-710 C/C++ cpp/inconsistent-null-check Inconsistent nullness check
CWE-710 C/C++ cpp/useless-expression Expression has no effect
CWE-710 C/C++ cpp/pointer-overflow-check Pointer overflow check
CWE-710 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE-710 C/C++ cpp/suspicious-call-to-memset Suspicious call to memset
CWE-710 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE-710 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE-710 C/C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference
CWE-710 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE-710 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE-710 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE-710 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE-710 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-710 C/C++ cpp/dangerous-function-overflow Use of dangerous function
CWE-710 C/C++ cpp/dangerous-cin Dangerous use of 'cin'
CWE-710 C/C++ cpp/potentially-dangerous-function Use of potentially dangerous function
CWE-710 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-710 C/C++ cpp/twice-locked Mutex locked twice
CWE-710 C/C++ cpp/unreleased-lock Lock may not be released
CWE-710 C/C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter
CWE-710 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-710 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE-710 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-710 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-710 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE-710 C/C++ cpp/double-release Errors When Double Release
CWE-710 C/C++ cpp/errors-of-undefined-program-behavior Errors Of Undefined Program Behavior
CWE-732 C/C++ cpp/world-writable-file-creation File created without restricting permissions
CWE-732 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE-732 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE-733 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE-754 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function
CWE-754 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function
CWE-754 C/C++ cpp/return-value-ignored Return value of a function is ignored
CWE-754 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE-754 C/C++ cpp/inconsistent-call-on-result Inconsistent operation on return value
CWE-754 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE-754 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE-754 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-754 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE-754 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE-754 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE-755 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE-755 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE-758 C/C++ cpp/pointer-overflow-check Pointer overflow check
CWE-758 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE-758 C/C++ cpp/errors-of-undefined-program-behavior Errors Of Undefined Program Behavior
CWE-764 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-764 C/C++ cpp/twice-locked Mutex locked twice
CWE-764 C/C++ cpp/unreleased-lock Lock may not be released
CWE-770 C/C++ cpp/alloca-in-loop Call to alloca in a loop
CWE-770 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-772 C/C++ cpp/catch-missing-free Leaky catch
CWE-772 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE-772 C/C++ cpp/descriptor-never-closed Open descriptor never closed
CWE-772 C/C++ cpp/file-may-not-be-closed Open file may not be closed
CWE-772 C/C++ cpp/file-never-closed Open file is not closed
CWE-772 C/C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE-772 C/C++ cpp/memory-never-freed Memory is never freed
CWE-772 C/C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE-772 C/C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE-775 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE-775 C/C++ cpp/descriptor-never-closed Open descriptor never closed
CWE-775 C/C++ cpp/file-may-not-be-closed Open file may not be closed
CWE-775 C/C++ cpp/file-never-closed Open file is not closed
CWE-783 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE-783 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE-787 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-787 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-787 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-787 C/C++ cpp/badly-bounded-write Badly bounded write
CWE-787 C/C++ cpp/overrunning-write Potentially overrunning write
CWE-787 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE-787 C/C++ cpp/unbounded-write Unbounded write
CWE-787 C/C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE-787 C/C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE-787 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-787 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference
CWE-787 C/C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic
CWE-788 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE-788 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE-788 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE-788 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE-788 C/C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE-788 C/C++ cpp/no-space-for-terminator No space for zero terminator
CWE-788 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE-788 C/C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer
CWE-789 C/C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE-805 C/C++ cpp/badly-bounded-write Badly bounded write
CWE-805 C/C++ cpp/overrunning-write Potentially overrunning write
CWE-805 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE-805 C/C++ cpp/unbounded-write Unbounded write
CWE-805 C/C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE-805 C/C++ cpp/buffer-access-with-incorrect-length-value Buffer access with incorrect length value
CWE-807 C/C++ cpp/tainted-permissions-check Untrusted input for a condition
CWE-823 C/C++ cpp/late-negative-test Pointer offset used before it is checked
CWE-823 C/C++ cpp/missing-negativity-test Unchecked return value used as offset
CWE-825 C/C++ cpp/double-free Potential double free
CWE-825 C/C++ cpp/use-after-free Potential use after free
CWE-825 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE-825 C/C++ cpp/using-expired-stack-address Use of expired stack-address
CWE-825 C/C++ cpp/iterator-to-expired-container Iterator to expired container
CWE-825 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends
CWE-825 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends
CWE-825 C/C++ cpp/experimental-double-free Errors When Double Free
CWE-825 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended
CWE-825 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE-826 C/C++ cpp/self-assignment-check Self assignment check
CWE-833 C/C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE-833 C/C++ cpp/twice-locked Mutex locked twice
CWE-833 C/C++ cpp/unreleased-lock Lock may not be released
CWE-834 C/C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop
CWE-834 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-834 C/C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition
CWE-835 C/C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop
CWE-835 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE-835 C/C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition
CWE-843 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE-843 C/C++ cpp/type-confusion Type confusion
CWE-908 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE-909 C/C++ cpp/initialization-not-run Initialization code not run
CWE-922 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE-922 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE-922 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE-943 C/C++ cpp/sql-injection Uncontrolled data in SQL query
CWE-1041 C/C++ cpp/call-to-function-without-wrapper Missed opportunity to call wrapper function
CWE-1078 C/C++ cpp/comma-before-misleading-indentation Comma before misleading indentation
CWE-1126 C/C++ cpp/errors-when-using-variable-declaration-inside-loop Errors When Using Variable Declaration Inside Loop
CWE-1240 C/C++ cpp/crypto-primitive Implementation of a cryptographic primitive
  • © GitHub, Inc.
  • Terms
  • Privacy