CodeQL documentation

CWE coverage for C and C++

An overview of CWE coverage for C and C++ in the latest release of CodeQL.

Overview

CWE Language Query id Query name
CWE‑14 C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE‑20 C++ cpp/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data
CWE‑20 C++ cpp/count-untrusted-data-external-api-ir Frequency counts for external APIs that are used with untrusted data
CWE‑20 C++ cpp/untrusted-data-to-external-api-ir Untrusted data passed to external API
CWE‑20 C++ cpp/untrusted-data-to-external-api Untrusted data passed to external API
CWE‑20 C++ cpp/uncontrolled-process-operation Uncontrolled process operation
CWE‑20 C++ cpp/unclear-array-index-validation Unclear validation of array index
CWE‑20 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑20 C++ cpp/late-check-of-function-argument Late Check Of Function Argument
CWE‑20 C++ cpp/linux-kernel-no-check-before-unsafe-put-user Linux kernel no check before unsafe_put_user vulnerability detection
CWE‑22 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑23 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑36 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑73 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑74 C++ cpp/non-constant-format Non-constant format string
CWE‑74 C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE‑74 C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting
CWE‑74 C++ cpp/sql-injection Uncontrolled data in SQL query
CWE‑74 C++ cpp/tainted-format-string Uncontrolled format string
CWE‑74 C++ cpp/tainted-format-string-through-global Uncontrolled format string (through global variable)
CWE‑77 C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE‑78 C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE‑79 C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting
CWE‑88 C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE‑89 C++ cpp/sql-injection Uncontrolled data in SQL query
CWE‑114 C++ cpp/uncontrolled-process-operation Uncontrolled process operation
CWE‑118 C++ cpp/offset-use-before-range-check Array offset used before range check
CWE‑118 C++ cpp/late-negative-test Pointer offset used before it is checked
CWE‑118 C++ cpp/missing-negativity-test Unchecked return value used as offset
CWE‑118 C++ cpp/overflow-calculated Buffer not sufficient for string
CWE‑118 C++ cpp/overflow-destination Copy function using source size
CWE‑118 C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE‑118 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑118 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑118 C++ cpp/use-after-free Potential use after free
CWE‑118 C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE‑118 C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE‑118 C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE‑118 C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE‑118 C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE‑118 C++ cpp/using-expired-stack-address Use of expired stack-address
CWE‑118 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑118 C++ cpp/badly-bounded-write Badly bounded write
CWE‑118 C++ cpp/overrunning-write Potentially overrunning write
CWE‑118 C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE‑118 C++ cpp/unbounded-write Unbounded write
CWE‑118 C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE‑118 C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE‑118 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑118 C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE‑118 C++ cpp/memory-unsafe-function-scan Scanf function without a specified length
CWE‑118 C++ cpp/double-free Errors When Double Free
CWE‑118 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑118 C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic
CWE‑118 C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer
CWE‑119 C++ cpp/offset-use-before-range-check Array offset used before range check
CWE‑119 C++ cpp/late-negative-test Pointer offset used before it is checked
CWE‑119 C++ cpp/missing-negativity-test Unchecked return value used as offset
CWE‑119 C++ cpp/overflow-calculated Buffer not sufficient for string
CWE‑119 C++ cpp/overflow-destination Copy function using source size
CWE‑119 C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE‑119 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑119 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑119 C++ cpp/use-after-free Potential use after free
CWE‑119 C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE‑119 C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE‑119 C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE‑119 C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE‑119 C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE‑119 C++ cpp/using-expired-stack-address Use of expired stack-address
CWE‑119 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑119 C++ cpp/badly-bounded-write Badly bounded write
CWE‑119 C++ cpp/overrunning-write Potentially overrunning write
CWE‑119 C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE‑119 C++ cpp/unbounded-write Unbounded write
CWE‑119 C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE‑119 C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE‑119 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑119 C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE‑119 C++ cpp/memory-unsafe-function-scan Scanf function without a specified length
CWE‑119 C++ cpp/double-free Errors When Double Free
CWE‑119 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑119 C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic
CWE‑119 C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer
CWE‑120 C++ cpp/offset-use-before-range-check Array offset used before range check
CWE‑120 C++ cpp/overflow-calculated Buffer not sufficient for string
CWE‑120 C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE‑120 C++ cpp/badly-bounded-write Badly bounded write
CWE‑120 C++ cpp/overrunning-write Potentially overrunning write
CWE‑120 C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE‑120 C++ cpp/unbounded-write Unbounded write
CWE‑120 C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE‑120 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑120 C++ cpp/memory-unsafe-function-scan Scanf function without a specified length
CWE‑121 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑121 C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE‑122 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑122 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑122 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑122 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑125 C++ cpp/offset-use-before-range-check Array offset used before range check
CWE‑125 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑126 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑128 C++ cpp/signed-overflow-check Signed overflow check
CWE‑128 C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation
CWE‑129 C++ cpp/unclear-array-index-validation Unclear validation of array index
CWE‑131 C++ cpp/overflow-calculated Buffer not sufficient for string
CWE‑131 C++ cpp/overflow-destination Copy function using source size
CWE‑131 C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE‑131 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑131 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑131 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑134 C++ cpp/non-constant-format Non-constant format string
CWE‑134 C++ cpp/tainted-format-string Uncontrolled format string
CWE‑134 C++ cpp/tainted-format-string-through-global Uncontrolled format string (through global variable)
CWE‑170 C++ cpp/improper-null-termination Potential improper null termination
CWE‑170 C++ cpp/user-controlled-null-termination-tainted User-controlled data may not be null terminated
CWE‑190 C++ cpp/ambiguously-signed-bit-field Ambiguously signed bit-field member
CWE‑190 C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE‑190 C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE‑190 C++ cpp/signed-overflow-check Signed overflow check
CWE‑190 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑190 C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression
CWE‑190 C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression
CWE‑190 C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression
CWE‑190 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑190 C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE‑190 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑190 C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation
CWE‑190 C++ cpp/dangerous-use-of-transformation-after-operation Dangerous use of transformation after operation.
CWE‑190 C++ cpp/signed-bit-field Possible signed bit-field member
CWE‑191 C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression
CWE‑191 C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression
CWE‑191 C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression
CWE‑191 C++ cpp/unsigned-difference-expression-compared-zero Unsigned difference expression compared to zero
CWE‑197 C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE‑197 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑197 C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE‑200 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑200 C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE‑200 C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE‑200 C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions.
CWE‑200 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑200 C++ cpp/private-cleartext-write Exposure of private information
CWE‑227 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑227 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑227 C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE‑227 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑227 C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE‑227 C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE‑227 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑227 C++ cpp/twice-locked Mutex locked twice
CWE‑227 C++ cpp/unreleased-lock Lock may not be released
CWE‑227 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑227 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑227 C++ cpp/double-free Errors When Double Free
CWE‑227 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑227 C++ cpp/double-release Errors When Double Release
CWE‑228 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑228 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑233 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑233 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑234 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑234 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑242 C++ cpp/dangerous-function-overflow Use of dangerous function
CWE‑243 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑248 C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE‑252 C++ cpp/return-value-ignored Return value of a function is ignored
CWE‑252 C++ cpp/inconsistent-call-on-result Inconsistent operation on return value
CWE‑252 C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE‑252 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑252 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑253 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑253 C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE‑260 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑266 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑269 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑269 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑271 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑273 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑284 C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE‑284 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑284 C++ cpp/world-writable-file-creation File created without restricting permissions
CWE‑284 C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE‑284 C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE‑284 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑284 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑284 C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE‑285 C++ cpp/world-writable-file-creation File created without restricting permissions
CWE‑285 C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE‑285 C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE‑285 C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE‑287 C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE‑287 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑290 C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE‑295 C++ cpp/certificate-result-conflation Certificate result conflation
CWE‑295 C++ cpp/certificate-not-checked Certificate not checked
CWE‑311 C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE‑311 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑311 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑311 C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE‑311 C++ cpp/non-https-url Failure to use HTTPS URLs
CWE‑312 C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE‑312 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑312 C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE‑313 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑313 C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE‑319 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑319 C++ cpp/non-https-url Failure to use HTTPS URLs
CWE‑326 C++ cpp/boost/tls-settings-misconfiguration Boost_asio TLS Settings Misconfiguration
CWE‑326 C++ cpp/insufficient-key-size Use of a cryptographic algorithm with insufficient key size
CWE‑327 C++ cpp/boost/use-of-deprecated-hardcoded-security-protocol boost::asio Use of deprecated hardcoded Protocol
CWE‑327 C++ cpp/weak-cryptographic-algorithm Use of a broken or risky cryptographic algorithm
CWE‑327 C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE‑345 C++ cpp/non-https-url Failure to use HTTPS URLs
CWE‑359 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑359 C++ cpp/private-cleartext-write Exposure of private information
CWE‑362 C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition
CWE‑362 C++ cpp/linux-kernel-double-fetch-vulnerability Linux kernel double-fetch vulnerability detection
CWE‑367 C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition
CWE‑377 C++ cpp/insecure-generation-of-filename Insecure generation of filenames.
CWE‑390 C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE‑398 C++ cpp/unused-local-variable Unused local variable
CWE‑398 C++ cpp/unused-static-function Unused static function
CWE‑398 C++ cpp/unused-static-variable Unused static variable
CWE‑398 C++ cpp/dead-code-condition Branching condition always evaluates to same value
CWE‑398 C++ cpp/dead-code-function Function is never called
CWE‑398 C++ cpp/dead-code-goto Dead code due to goto or break statement
CWE‑398 C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer
CWE‑398 C++ cpp/missing-null-test Returned pointer not checked
CWE‑398 C++ cpp/unused-variable Variable is assigned a value that is never read
CWE‑398 C++ cpp/fixme-comment FIXME comment
CWE‑398 C++ cpp/todo-comment TODO comment
CWE‑398 C++ cpp/inconsistent-null-check Inconsistent nullness check
CWE‑398 C++ cpp/useless-expression Expression has no effect
CWE‑398 C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE‑398 C++ cpp/suspicious-call-to-memset Suspicious call to memset
CWE‑398 C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE‑398 C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE‑398 C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference
CWE‑398 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑398 C++ cpp/dangerous-function-overflow Use of dangerous function
CWE‑398 C++ cpp/dangerous-cin Dangerous use of 'cin'
CWE‑398 C++ cpp/potentially-dangerous-function Use of potentially dangerous function
CWE‑398 C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter
CWE‑398 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑398 C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE‑400 C++ cpp/catch-missing-free Leaky catch
CWE‑400 C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE‑400 C++ cpp/descriptor-never-closed Open descriptor never closed
CWE‑400 C++ cpp/file-may-not-be-closed Open file may not be closed
CWE‑400 C++ cpp/file-never-closed Open file is not closed
CWE‑400 C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE‑400 C++ cpp/memory-never-freed Memory is never freed
CWE‑400 C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE‑400 C++ cpp/alloca-in-loop Call to alloca in a loop
CWE‑400 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑400 C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE‑401 C++ cpp/catch-missing-free Leaky catch
CWE‑401 C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE‑401 C++ cpp/memory-never-freed Memory is never freed
CWE‑401 C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE‑401 C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE‑404 C++ cpp/catch-missing-free Leaky catch
CWE‑404 C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE‑404 C++ cpp/descriptor-never-closed Open descriptor never closed
CWE‑404 C++ cpp/file-may-not-be-closed Open file may not be closed
CWE‑404 C++ cpp/file-never-closed Open file is not closed
CWE‑404 C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE‑404 C++ cpp/memory-never-freed Memory is never freed
CWE‑404 C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE‑404 C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE‑404 C++ cpp/resource-not-released-in-destructor Resource not released in destructor
CWE‑415 C++ cpp/double-free Errors When Double Free
CWE‑415 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑416 C++ cpp/use-after-free Potential use after free
CWE‑428 C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess
CWE‑435 C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE‑456 C++ cpp/initialization-not-run Initialization code not run
CWE‑457 C++ cpp/global-use-before-init Global variable may be used before initialization
CWE‑457 C++ cpp/not-initialised Variable not initialized before use
CWE‑457 C++ cpp/uninitialized-local Potentially uninitialized local variable
CWE‑457 C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable
CWE‑467 C++ cpp/suspicious-sizeof Suspicious 'sizeof' use
CWE‑468 C++ cpp/suspicious-pointer-scaling Suspicious pointer scaling
CWE‑468 C++ cpp/incorrect-pointer-scaling-char Suspicious pointer scaling to char
CWE‑468 C++ cpp/suspicious-pointer-scaling-void Suspicious pointer scaling to void
CWE‑468 C++ cpp/suspicious-add-sizeof Suspicious add with sizeof
CWE‑476 C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer
CWE‑476 C++ cpp/missing-null-test Returned pointer not checked
CWE‑476 C++ cpp/inconsistent-null-check Inconsistent nullness check
CWE‑476 C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference
CWE‑476 C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter
CWE‑476 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑478 C++ cpp/missing-case-in-switch Missing enum case in switch
CWE‑478 C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE‑480 C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE‑480 C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE‑480 C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage
CWE‑480 C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag
CWE‑480 C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE‑480 C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE‑481 C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE‑482 C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE‑497 C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE‑497 C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE‑522 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑546 C++ cpp/fixme-comment FIXME comment
CWE‑546 C++ cpp/todo-comment TODO comment
CWE‑560 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑561 C++ cpp/unused-static-function Unused static function
CWE‑561 C++ cpp/dead-code-condition Branching condition always evaluates to same value
CWE‑561 C++ cpp/dead-code-function Function is never called
CWE‑561 C++ cpp/dead-code-goto Dead code due to goto or break statement
CWE‑561 C++ cpp/useless-expression Expression has no effect
CWE‑561 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑561 C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE‑563 C++ cpp/unused-local-variable Unused local variable
CWE‑563 C++ cpp/unused-static-variable Unused static variable
CWE‑563 C++ cpp/unused-variable Variable is assigned a value that is never read
CWE‑570 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑573 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑573 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑573 C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE‑573 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑573 C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE‑573 C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE‑573 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑573 C++ cpp/twice-locked Mutex locked twice
CWE‑573 C++ cpp/unreleased-lock Lock may not be released
CWE‑573 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑573 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑573 C++ cpp/double-free Errors When Double Free
CWE‑573 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑573 C++ cpp/double-release Errors When Double Release
CWE‑592 C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE‑610 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑610 C++ cpp/external-entity-expansion XML external entity expansion
CWE‑611 C++ cpp/external-entity-expansion XML external entity expansion
CWE‑628 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑628 C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE‑628 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑628 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑642 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑662 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑662 C++ cpp/twice-locked Mutex locked twice
CWE‑662 C++ cpp/unreleased-lock Lock may not be released
CWE‑664 C++ cpp/catch-missing-free Leaky catch
CWE‑664 C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE‑664 C++ cpp/descriptor-never-closed Open descriptor never closed
CWE‑664 C++ cpp/file-may-not-be-closed Open file may not be closed
CWE‑664 C++ cpp/file-never-closed Open file is not closed
CWE‑664 C++ cpp/global-use-before-init Global variable may be used before initialization
CWE‑664 C++ cpp/initialization-not-run Initialization code not run
CWE‑664 C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE‑664 C++ cpp/memory-never-freed Memory is never freed
CWE‑664 C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE‑664 C++ cpp/not-initialised Variable not initialized before use
CWE‑664 C++ cpp/use-after-free Potential use after free
CWE‑664 C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE‑664 C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE‑664 C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE‑664 C++ cpp/alloca-in-loop Call to alloca in a loop
CWE‑664 C++ cpp/improper-null-termination Potential improper null termination
CWE‑664 C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE‑664 C++ cpp/uninitialized-local Potentially uninitialized local variable
CWE‑664 C++ cpp/using-expired-stack-address Use of expired stack-address
CWE‑664 C++ cpp/self-assignment-check Self assignment check
CWE‑664 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑664 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑664 C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE‑664 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑664 C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE‑664 C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE‑664 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑664 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑664 C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE‑664 C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess
CWE‑664 C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable
CWE‑664 C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE‑664 C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE‑664 C++ cpp/external-entity-expansion XML external entity expansion
CWE‑664 C++ cpp/incorrect-string-type-conversion Cast from char to wchar_t
CWE‑664 C++ cpp/world-writable-file-creation File created without restricting permissions
CWE‑664 C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE‑664 C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE‑664 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑664 C++ cpp/twice-locked Mutex locked twice
CWE‑664 C++ cpp/unreleased-lock Lock may not be released
CWE‑664 C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions.
CWE‑664 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑664 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑664 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑664 C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE‑664 C++ cpp/private-cleartext-write Exposure of private information
CWE‑664 C++ cpp/insecure-generation-of-filename Insecure generation of filenames.
CWE‑664 C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE‑664 C++ cpp/double-free Errors When Double Free
CWE‑664 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑664 C++ cpp/double-release Errors When Double Release
CWE‑664 C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE‑664 C++ cpp/resource-not-released-in-destructor Resource not released in destructor
CWE‑665 C++ cpp/global-use-before-init Global variable may be used before initialization
CWE‑665 C++ cpp/initialization-not-run Initialization code not run
CWE‑665 C++ cpp/not-initialised Variable not initialized before use
CWE‑665 C++ cpp/alloca-in-loop Call to alloca in a loop
CWE‑665 C++ cpp/improper-null-termination Potential improper null termination
CWE‑665 C++ cpp/uninitialized-local Potentially uninitialized local variable
CWE‑665 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑665 C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable
CWE‑666 C++ cpp/use-after-free Potential use after free
CWE‑666 C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE‑666 C++ cpp/using-expired-stack-address Use of expired stack-address
CWE‑666 C++ cpp/self-assignment-check Self assignment check
CWE‑666 C++ cpp/double-free Errors When Double Free
CWE‑666 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑666 C++ cpp/double-release Errors When Double Release
CWE‑667 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑667 C++ cpp/twice-locked Mutex locked twice
CWE‑667 C++ cpp/unreleased-lock Lock may not be released
CWE‑668 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑668 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑668 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑668 C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess
CWE‑668 C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere
CWE‑668 C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere
CWE‑668 C++ cpp/world-writable-file-creation File created without restricting permissions
CWE‑668 C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE‑668 C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE‑668 C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions.
CWE‑668 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑668 C++ cpp/private-cleartext-write Exposure of private information
CWE‑668 C++ cpp/insecure-generation-of-filename Insecure generation of filenames.
CWE‑669 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑670 C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE‑670 C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE‑670 C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage
CWE‑670 C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag
CWE‑670 C++ cpp/unsafe-use-of-this Unsafe use of this in constructor
CWE‑670 C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE‑670 C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE‑672 C++ cpp/use-after-free Potential use after free
CWE‑672 C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE‑672 C++ cpp/using-expired-stack-address Use of expired stack-address
CWE‑672 C++ cpp/double-free Errors When Double Free
CWE‑672 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑675 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑675 C++ cpp/twice-locked Mutex locked twice
CWE‑675 C++ cpp/unreleased-lock Lock may not be released
CWE‑675 C++ cpp/double-free Errors When Double Free
CWE‑675 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑675 C++ cpp/double-release Errors When Double Release
CWE‑676 C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE‑676 C++ cpp/suspicious-call-to-memset Suspicious call to memset
CWE‑676 C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE‑676 C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE‑676 C++ cpp/dangerous-function-overflow Use of dangerous function
CWE‑676 C++ cpp/dangerous-cin Dangerous use of 'cin'
CWE‑676 C++ cpp/potentially-dangerous-function Use of potentially dangerous function
CWE‑681 C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE‑681 C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE‑681 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑681 C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE‑682 C++ cpp/overflow-calculated Buffer not sufficient for string
CWE‑682 C++ cpp/overflow-destination Copy function using source size
CWE‑682 C++ cpp/static-buffer-overflow Static array access may cause overflow
CWE‑682 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑682 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑682 C++ cpp/ambiguously-signed-bit-field Ambiguously signed bit-field member
CWE‑682 C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE‑682 C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE‑682 C++ cpp/signed-overflow-check Signed overflow check
CWE‑682 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑682 C++ cpp/suspicious-sizeof Suspicious 'sizeof' use
CWE‑682 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑682 C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression
CWE‑682 C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression
CWE‑682 C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression
CWE‑682 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑682 C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE‑682 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑682 C++ cpp/unsigned-difference-expression-compared-zero Unsigned difference expression compared to zero
CWE‑682 C++ cpp/suspicious-pointer-scaling Suspicious pointer scaling
CWE‑682 C++ cpp/incorrect-pointer-scaling-char Suspicious pointer scaling to char
CWE‑682 C++ cpp/suspicious-pointer-scaling-void Suspicious pointer scaling to void
CWE‑682 C++ cpp/suspicious-add-sizeof Suspicious add with sizeof
CWE‑682 C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation
CWE‑682 C++ cpp/dangerous-use-of-transformation-after-operation Dangerous use of transformation after operation.
CWE‑682 C++ cpp/signed-bit-field Possible signed bit-field member
CWE‑685 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑685 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑686 C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE‑687 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑691 C++ cpp/assign-where-compare-meant Assignment where comparison was intended
CWE‑691 C++ cpp/compare-where-assign-meant Comparison where assignment was intended
CWE‑691 C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage
CWE‑691 C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag
CWE‑691 C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop
CWE‑691 C++ cpp/unsafe-use-of-this Unsafe use of this in constructor
CWE‑691 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑691 C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition
CWE‑691 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑691 C++ cpp/twice-locked Mutex locked twice
CWE‑691 C++ cpp/unreleased-lock Lock may not be released
CWE‑691 C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition
CWE‑691 C++ cpp/linux-kernel-double-fetch-vulnerability Linux kernel double-fetch vulnerability detection
CWE‑691 C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE‑691 C++ cpp/errors-after-refactoring Errors After Refactoring
CWE‑691 C++ cpp/errors-when-using-bit-operations Errors When Using Bit Operations
CWE‑691 C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE‑691 C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE‑691 C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE‑693 C++ cpp/boost/tls-settings-misconfiguration Boost_asio TLS Settings Misconfiguration
CWE‑693 C++ cpp/boost/use-of-deprecated-hardcoded-security-protocol boost::asio Use of deprecated hardcoded Protocol
CWE‑693 C++ cpp/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data
CWE‑693 C++ cpp/count-untrusted-data-external-api-ir Frequency counts for external APIs that are used with untrusted data
CWE‑693 C++ cpp/untrusted-data-to-external-api-ir Untrusted data passed to external API
CWE‑693 C++ cpp/untrusted-data-to-external-api Untrusted data passed to external API
CWE‑693 C++ cpp/uncontrolled-process-operation Uncontrolled process operation
CWE‑693 C++ cpp/unclear-array-index-validation Unclear validation of array index
CWE‑693 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑693 C++ cpp/user-controlled-bypass Authentication bypass by spoofing
CWE‑693 C++ cpp/certificate-result-conflation Certificate result conflation
CWE‑693 C++ cpp/certificate-not-checked Certificate not checked
CWE‑693 C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE‑693 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑693 C++ cpp/cleartext-transmission Cleartext transmission of sensitive information
CWE‑693 C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE‑693 C++ cpp/non-https-url Failure to use HTTPS URLs
CWE‑693 C++ cpp/insufficient-key-size Use of a cryptographic algorithm with insufficient key size
CWE‑693 C++ cpp/weak-cryptographic-algorithm Use of a broken or risky cryptographic algorithm
CWE‑693 C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE‑693 C++ cpp/world-writable-file-creation File created without restricting permissions
CWE‑693 C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE‑693 C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE‑693 C++ cpp/tainted-permissions-check Untrusted input for a condition
CWE‑693 C++ cpp/late-check-of-function-argument Late Check Of Function Argument
CWE‑693 C++ cpp/linux-kernel-no-check-before-unsafe-put-user Linux kernel no check before unsafe_put_user vulnerability detection
CWE‑693 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑693 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑693 C++ cpp/pam-auth-bypass PAM Authorization bypass
CWE‑697 C++ cpp/missing-case-in-switch Missing enum case in switch
CWE‑697 C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE‑703 C++ cpp/return-value-ignored Return value of a function is ignored
CWE‑703 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑703 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑703 C++ cpp/inconsistent-call-on-result Inconsistent operation on return value
CWE‑703 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑703 C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE‑703 C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE‑703 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑703 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑703 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑703 C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE‑703 C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE‑704 C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition
CWE‑704 C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type
CWE‑704 C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE‑704 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑704 C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow
CWE‑704 C++ cpp/incorrect-string-type-conversion Cast from char to wchar_t
CWE‑705 C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE‑706 C++ cpp/path-injection Uncontrolled data used in path expression
CWE‑707 C++ cpp/non-constant-format Non-constant format string
CWE‑707 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑707 C++ cpp/improper-null-termination Potential improper null termination
CWE‑707 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑707 C++ cpp/command-line-injection Uncontrolled data used in OS command
CWE‑707 C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting
CWE‑707 C++ cpp/sql-injection Uncontrolled data in SQL query
CWE‑707 C++ cpp/tainted-format-string Uncontrolled format string
CWE‑707 C++ cpp/tainted-format-string-through-global Uncontrolled format string (through global variable)
CWE‑707 C++ cpp/user-controlled-null-termination-tainted User-controlled data may not be null terminated
CWE‑710 C++ cpp/unused-local-variable Unused local variable
CWE‑710 C++ cpp/unused-static-function Unused static function
CWE‑710 C++ cpp/unused-static-variable Unused static variable
CWE‑710 C++ cpp/dead-code-condition Branching condition always evaluates to same value
CWE‑710 C++ cpp/dead-code-function Function is never called
CWE‑710 C++ cpp/dead-code-goto Dead code due to goto or break statement
CWE‑710 C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer
CWE‑710 C++ cpp/missing-null-test Returned pointer not checked
CWE‑710 C++ cpp/unused-variable Variable is assigned a value that is never read
CWE‑710 C++ cpp/fixme-comment FIXME comment
CWE‑710 C++ cpp/todo-comment TODO comment
CWE‑710 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑710 C++ cpp/wrong-number-format-arguments Too few arguments to formatting function
CWE‑710 C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function
CWE‑710 C++ cpp/inconsistent-null-check Inconsistent nullness check
CWE‑710 C++ cpp/useless-expression Expression has no effect
CWE‑710 C++ cpp/pointer-overflow-check Pointer overflow check
CWE‑710 C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy
CWE‑710 C++ cpp/suspicious-call-to-memset Suspicious call to memset
CWE‑710 C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE‑710 C++ cpp/unsafe-strcat Potentially unsafe use of strcat
CWE‑710 C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference
CWE‑710 C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters
CWE‑710 C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE‑710 C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE‑710 C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE‑710 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑710 C++ cpp/dangerous-function-overflow Use of dangerous function
CWE‑710 C++ cpp/dangerous-cin Dangerous use of 'cin'
CWE‑710 C++ cpp/potentially-dangerous-function Use of potentially dangerous function
CWE‑710 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑710 C++ cpp/twice-locked Mutex locked twice
CWE‑710 C++ cpp/unreleased-lock Lock may not be released
CWE‑710 C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter
CWE‑710 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑710 C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function.
CWE‑710 C++ cpp/double-free Errors When Double Free
CWE‑710 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑710 C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement
CWE‑710 C++ cpp/double-release Errors When Double Release
CWE‑710 C++ cpp/errors-of-undefined-program-behavior Errors Of Undefined Program Behavior
CWE‑732 C++ cpp/world-writable-file-creation File created without restricting permissions
CWE‑732 C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument
CWE‑732 C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR
CWE‑733 C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE‑754 C++ cpp/return-value-ignored Return value of a function is ignored
CWE‑754 C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf
CWE‑754 C++ cpp/inconsistent-call-on-result Inconsistent operation on return value
CWE‑754 C++ cpp/ignore-return-value-sal SAL requires inspecting return value
CWE‑754 C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type
CWE‑754 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑754 C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors.
CWE‑754 C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder
CWE‑754 C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE‑755 C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling
CWE‑755 C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions
CWE‑758 C++ cpp/pointer-overflow-check Pointer overflow check
CWE‑758 C++ cpp/memset-may-be-deleted Call to memset may be deleted
CWE‑758 C++ cpp/errors-of-undefined-program-behavior Errors Of Undefined Program Behavior
CWE‑764 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑764 C++ cpp/twice-locked Mutex locked twice
CWE‑764 C++ cpp/unreleased-lock Lock may not be released
CWE‑770 C++ cpp/alloca-in-loop Call to alloca in a loop
CWE‑770 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑772 C++ cpp/catch-missing-free Leaky catch
CWE‑772 C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE‑772 C++ cpp/descriptor-never-closed Open descriptor never closed
CWE‑772 C++ cpp/file-may-not-be-closed Open file may not be closed
CWE‑772 C++ cpp/file-never-closed Open file is not closed
CWE‑772 C++ cpp/memory-may-not-be-freed Memory may not be freed
CWE‑772 C++ cpp/memory-never-freed Memory is never freed
CWE‑772 C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete
CWE‑772 C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc
CWE‑775 C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed
CWE‑775 C++ cpp/descriptor-never-closed Open descriptor never closed
CWE‑775 C++ cpp/file-may-not-be-closed Open file may not be closed
CWE‑775 C++ cpp/file-never-closed Open file is not closed
CWE‑783 C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations
CWE‑783 C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type
CWE‑787 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑787 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑787 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑787 C++ cpp/badly-bounded-write Badly bounded write
CWE‑787 C++ cpp/overrunning-write Potentially overrunning write
CWE‑787 C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE‑787 C++ cpp/unbounded-write Unbounded write
CWE‑787 C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE‑787 C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE‑787 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑787 C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic
CWE‑788 C++ cpp/allocation-too-small Not enough memory allocated for pointer type
CWE‑788 C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type
CWE‑788 C++ cpp/unsafe-strncat Potentially unsafe call to strncat
CWE‑788 C++ cpp/overflow-buffer Call to memory access function may overflow buffer
CWE‑788 C++ cpp/unterminated-variadic-call Unterminated variadic call
CWE‑788 C++ cpp/no-space-for-terminator No space for zero terminator
CWE‑788 C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed
CWE‑788 C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer
CWE‑789 C++ cpp/uncontrolled-allocation-size Overflow in uncontrolled allocation size
CWE‑805 C++ cpp/badly-bounded-write Badly bounded write
CWE‑805 C++ cpp/overrunning-write Potentially overrunning write
CWE‑805 C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion
CWE‑805 C++ cpp/unbounded-write Unbounded write
CWE‑805 C++ cpp/very-likely-overrunning-write Likely overrunning write
CWE‑807 C++ cpp/tainted-permissions-check Untrusted input for a condition
CWE‑823 C++ cpp/late-negative-test Pointer offset used before it is checked
CWE‑823 C++ cpp/missing-negativity-test Unchecked return value used as offset
CWE‑825 C++ cpp/use-after-free Potential use after free
CWE‑825 C++ cpp/return-stack-allocated-memory Returning stack-allocated memory
CWE‑825 C++ cpp/using-expired-stack-address Use of expired stack-address
CWE‑825 C++ cpp/double-free Errors When Double Free
CWE‑825 C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks.
CWE‑826 C++ cpp/self-assignment-check Self assignment check
CWE‑833 C++ cpp/lock-order-cycle Cyclic lock order dependency
CWE‑833 C++ cpp/twice-locked Mutex locked twice
CWE‑833 C++ cpp/unreleased-lock Lock may not be released
CWE‑834 C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop
CWE‑834 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑834 C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition
CWE‑835 C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop
CWE‑835 C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition
CWE‑835 C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition
CWE‑843 C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic
CWE‑908 C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf
CWE‑909 C++ cpp/initialization-not-run Initialization code not run
CWE‑922 C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer
CWE‑922 C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file
CWE‑922 C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database
CWE‑943 C++ cpp/sql-injection Uncontrolled data in SQL query
CWE‑1041 C++ cpp/call-to-function-without-wrapper Missed opportunity to call wrapper function
CWE‑1126 C++ cpp/errors-when-using-variable-declaration-inside-loop Errors When Using Variable Declaration Inside Loop