CWE coverage for C and C++ — CodeQL query help documentation

| CWE | Language | Query id | Query name |
| --- | --- | --- | --- |
| CWE-14 | C/C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE-20 | C/C++ | cpp/count-untrusted-data-external-api | Frequency counts for external APIs that are used with untrusted data |
| CWE-20 | C/C++ | cpp/count-untrusted-data-external-api-ir | Frequency counts for external APIs that are used with untrusted data |
| CWE-20 | C/C++ | cpp/untrusted-data-to-external-api-ir | Untrusted data passed to external API |
| CWE-20 | C/C++ | cpp/untrusted-data-to-external-api | Untrusted data passed to external API |
| CWE-20 | C/C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE-20 | C/C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE-20 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-20 | C/C++ | cpp/late-check-of-function-argument | Late Check Of Function Argument |
| CWE-20 | C/C++ | cpp/linux-kernel-no-check-before-unsafe-put-user | Linux kernel no check before unsafe_put_user vulnerability detection |
| CWE-22 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-23 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-36 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-73 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-74 | C/C++ | cpp/non-constant-format | Non-constant format string |
| CWE-74 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-74 | C/C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE-74 | C/C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE-74 | C/C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE-74 | C/C++ | cpp/wordexp-injection | Uncontrolled data used in wordexp command |
| CWE-77 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-77 | C/C++ | cpp/wordexp-injection | Uncontrolled data used in wordexp command |
| CWE-78 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-78 | C/C++ | cpp/wordexp-injection | Uncontrolled data used in wordexp command |
| CWE-79 | C/C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE-88 | C/C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE-89 | C/C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE-114 | C/C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE-118 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-118 | C/C++ | cpp/double-free | Potential double free |
| CWE-118 | C/C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE-118 | C/C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE-118 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-118 | C/C++ | cpp/overflow-destination | Copy function using source size |
| CWE-118 | C/C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE-118 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-118 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-118 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-118 | C/C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE-118 | C/C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE-118 | C/C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE-118 | C/C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE-118 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-118 | C/C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE-118 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-118 | C/C++ | cpp/overrun-write | Overrunning write |
| CWE-118 | C/C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE-118 | C/C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE-118 | C/C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE-118 | C/C++ | cpp/unbounded-write | Unbounded write |
| CWE-118 | C/C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE-118 | C/C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE-118 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-118 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-118 | C/C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE-118 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-118 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-118 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-118 | C/C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE-118 | C/C++ | cpp/dangerous-use-convert-function | Dangerous use convert function |
| CWE-118 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-118 | C/C++ | cpp/use-after-expired-lifetime | Use of object after its lifetime has ended |
| CWE-118 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-118 | C/C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE-118 | C/C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE-118 | C/C++ | cpp/buffer-access-with-incorrect-length-value | Buffer access with incorrect length value |
| CWE-119 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-119 | C/C++ | cpp/double-free | Potential double free |
| CWE-119 | C/C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE-119 | C/C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE-119 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-119 | C/C++ | cpp/overflow-destination | Copy function using source size |
| CWE-119 | C/C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE-119 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-119 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-119 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-119 | C/C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE-119 | C/C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE-119 | C/C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE-119 | C/C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE-119 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-119 | C/C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE-119 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-119 | C/C++ | cpp/overrun-write | Overrunning write |
| CWE-119 | C/C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE-119 | C/C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE-119 | C/C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE-119 | C/C++ | cpp/unbounded-write | Unbounded write |
| CWE-119 | C/C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE-119 | C/C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE-119 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-119 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-119 | C/C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE-119 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-119 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-119 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-119 | C/C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE-119 | C/C++ | cpp/dangerous-use-convert-function | Dangerous use convert function |
| CWE-119 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-119 | C/C++ | cpp/use-after-expired-lifetime | Use of object after its lifetime has ended |
| CWE-119 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-119 | C/C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE-119 | C/C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE-119 | C/C++ | cpp/buffer-access-with-incorrect-length-value | Buffer access with incorrect length value |
| CWE-120 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-120 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-120 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-120 | C/C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE-120 | C/C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE-120 | C/C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE-120 | C/C++ | cpp/unbounded-write | Unbounded write |
| CWE-120 | C/C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE-120 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-120 | C/C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE-121 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-121 | C/C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE-122 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-122 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-122 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-122 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-125 | C/C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE-125 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-125 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-125 | C/C++ | cpp/dangerous-use-convert-function | Dangerous use convert function |
| CWE-126 | C/C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE-128 | C/C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE-128 | C/C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE-129 | C/C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE-131 | C/C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE-131 | C/C++ | cpp/overflow-destination | Copy function using source size |
| CWE-131 | C/C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE-131 | C/C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE-131 | C/C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE-131 | C/C++ | cpp/overrun-write | Overrunning write |
| CWE-131 | C/C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE-134 | C/C++ | cpp/non-constant-format | Non-constant format string |
| CWE-134 | C/C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE-170 | C/C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE-170 | C/C++ | cpp/user-controlled-null-termination-tainted | User-controlled data may not be null terminated |
| CWE-190 | C/C++ | cpp/ambiguously-signed-bit-field | Ambiguously signed bit-field member |
| CWE-190 | C/C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE-190 | C/C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE-190 | C/C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE-190 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-190 | C/C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE-190 | C/C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE-190 | C/C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE-190 | C/C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE-190 | C/C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE-190 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-190 | C/C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE-190 | C/C++ | cpp/dangerous-use-of-transformation-after-operation | Dangerous use of transformation after operation |
| CWE-190 | C/C++ | cpp/signed-bit-field | Possible signed bit-field member |
| CWE-191 | C/C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE-191 | C/C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE-191 | C/C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE-191 | C/C++ | cpp/unsigned-difference-expression-compared-zero | Unsigned difference expression compared to zero |
| CWE-193 | C/C++ | cpp/invalid-pointer-deref | Invalid pointer dereference |
| CWE-197 | C/C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE-197 | C/C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE-197 | C/C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE-200 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-200 | C/C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE-200 | C/C++ | cpp/potential-system-data-exposure | Potential exposure of sensitive system data to an unauthorized control sphere |
| CWE-200 | C/C++ | cpp/work-with-file-without-permissions-rights | Writing to a file without setting permissions |
| CWE-200 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-200 | C/C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE-227 | C/C++ | cpp/double-free | Potential double free |
| CWE-227 | C/C++ | cpp/incorrectly-checked-scanf | Incorrect return-value check for a 'scanf'-like function |
| CWE-227 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-227 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-227 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-227 | C/C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE-227 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-227 | C/C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE-227 | C/C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE-227 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-227 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-227 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-227 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors |
| CWE-227 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-227 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-227 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-227 | C/C++ | cpp/double-release | Errors When Double Release |
| CWE-228 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-228 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-233 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-233 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-234 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-234 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-242 | C/C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE-243 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors |
| CWE-248 | C/C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE-252 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-252 | C/C++ | cpp/return-value-ignored | Return value of a function is ignored |
| CWE-252 | C/C++ | cpp/inconsistent-call-on-result | Inconsistent operation on return value |
| CWE-252 | C/C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE-252 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-252 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors |
| CWE-253 | C/C++ | cpp/incorrectly-checked-scanf | Incorrect return-value check for a 'scanf'-like function |
| CWE-253 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-253 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-253 | C/C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE-260 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-266 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-269 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-269 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-271 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-273 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-284 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-284 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-284 | C/C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE-284 | C/C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE-284 | C/C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE-284 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-284 | C/C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE-284 | C/C++ | cpp/pam-auth-bypass | PAM Authorization bypass |
| CWE-285 | C/C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE-285 | C/C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE-285 | C/C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE-285 | C/C++ | cpp/pam-auth-bypass | PAM Authorization bypass |
| CWE-287 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-287 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-290 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-295 | C/C++ | cpp/certificate-result-conflation | Certificate result conflation |
| CWE-295 | C/C++ | cpp/certificate-not-checked | Certificate not checked |
| CWE-295 | C/C++ | cpp/curl-disabled-ssl | Disabled certifcate verification |
| CWE-311 | C/C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE-311 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-311 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-311 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-311 | C/C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE-312 | C/C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE-312 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-312 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-313 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-313 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-319 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-319 | C/C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE-326 | C/C++ | cpp/boost/tls-settings-misconfiguration | boost::asio TLS settings misconfiguration |
| CWE-326 | C/C++ | cpp/insufficient-key-size | Use of a cryptographic algorithm with insufficient key size |
| CWE-326 | C/C++ | cpp/unknown-asymmetric-key-gen-size | Unknown key generation key size |
| CWE-326 | C/C++ | cpp/weak-asymmetric-key-gen-size | Weak asymmetric key generation key size (< 2048 bits) |
| CWE-327 | C/C++ | cpp/boost/use-of-deprecated-hardcoded-security-protocol | boost::asio use of deprecated hardcoded protocol |
| CWE-327 | C/C++ | cpp/weak-cryptographic-algorithm | Use of a broken or risky cryptographic algorithm |
| CWE-327 | C/C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE-327 | C/C++ | cpp/weak-block-mode | Weak block mode |
| CWE-327 | C/C++ | cpp/weak-elliptic-curve | Weak elliptic curve |
| CWE-327 | C/C++ | cpp/weak-crypto/banned-encryption-algorithms | Weak cryptography |
| CWE-327 | C/C++ | cpp/weak-crypto/banned-hash-algorithms | Weak cryptography |
| CWE-345 | C/C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE-359 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-359 | C/C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE-362 | C/C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE-362 | C/C++ | cpp/linux-kernel-double-fetch-vulnerability | Linux kernel double-fetch vulnerability detection |
| CWE-367 | C/C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE-369 | C/C++ | cpp/divide-by-zero-using-return-value | Divide by zero using return value |
| CWE-377 | C/C++ | cpp/insecure-generation-of-filename | Insecure generation of filenames |
| CWE-390 | C/C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE-398 | C/C++ | cpp/unused-local-variable | Unused local variable |
| CWE-398 | C/C++ | cpp/unused-static-function | Unused static function |
| CWE-398 | C/C++ | cpp/unused-static-variable | Unused static variable |
| CWE-398 | C/C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE-398 | C/C++ | cpp/dead-code-function | Function is never called |
| CWE-398 | C/C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE-398 | C/C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE-398 | C/C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE-398 | C/C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE-398 | C/C++ | cpp/fixme-comment | FIXME comment |
| CWE-398 | C/C++ | cpp/todo-comment | TODO comment |
| CWE-398 | C/C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE-398 | C/C++ | cpp/useless-expression | Expression has no effect |
| CWE-398 | C/C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE-398 | C/C++ | cpp/suspicious-call-to-memset | Suspicious call to memset |
| CWE-398 | C/C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE-398 | C/C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE-398 | C/C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE-398 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-398 | C/C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE-398 | C/C++ | cpp/dangerous-cin | Dangerous use of 'cin' |
| CWE-398 | C/C++ | cpp/potentially-dangerous-function | Use of potentially dangerous function |
| CWE-398 | C/C++ | cpp/deref-null-result | Null dereference from a function result |
| CWE-398 | C/C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE-398 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-398 | C/C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE-400 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-400 | C/C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE-400 | C/C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE-400 | C/C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE-400 | C/C++ | cpp/file-never-closed | Open file is not closed |
| CWE-400 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-400 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-400 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-400 | C/C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE-400 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-400 | C/C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE-401 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-401 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-401 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-401 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-401 | C/C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE-404 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-404 | C/C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE-404 | C/C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE-404 | C/C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE-404 | C/C++ | cpp/file-never-closed | Open file is not closed |
| CWE-404 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-404 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-404 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-404 | C/C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE-404 | C/C++ | cpp/resource-not-released-in-destructor | Resource not released in destructor |
| CWE-405 | C/C++ | cpp/data-decompression-bomb | User-controlled file decompression |
| CWE-409 | C/C++ | cpp/data-decompression-bomb | User-controlled file decompression |
| CWE-415 | C/C++ | cpp/double-free | Potential double free |
| CWE-415 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-415 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-416 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-416 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-416 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-416 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-416 | C/C++ | cpp/use-after-expired-lifetime | Use of object after its lifetime has ended |
| CWE-428 | C/C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE-435 | C/C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE-456 | C/C++ | cpp/initialization-not-run | Initialization code not run |
| CWE-457 | C/C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE-457 | C/C++ | cpp/not-initialised | Variable not initialized before use |
| CWE-457 | C/C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE-457 | C/C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE-467 | C/C++ | cpp/suspicious-sizeof | Suspicious 'sizeof' use |
| CWE-468 | C/C++ | cpp/suspicious-pointer-scaling | Suspicious pointer scaling |
| CWE-468 | C/C++ | cpp/incorrect-pointer-scaling-char | Suspicious pointer scaling to char |
| CWE-468 | C/C++ | cpp/suspicious-pointer-scaling-void | Suspicious pointer scaling to void |
| CWE-468 | C/C++ | cpp/suspicious-add-sizeof | Suspicious add with sizeof |
| CWE-476 | C/C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE-476 | C/C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE-476 | C/C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE-476 | C/C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE-476 | C/C++ | cpp/deref-null-result | Null dereference from a function result |
| CWE-476 | C/C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE-476 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-478 | C/C++ | cpp/missing-case-in-switch | Missing enum case in switch |
| CWE-478 | C/C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE-480 | C/C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE-480 | C/C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE-480 | C/C++ | cpp/incorrect-not-operator-usage | Incorrect 'not' operator usage |
| CWE-480 | C/C++ | cpp/logical-operator-applied-to-flag | Short-circuiting operator applied to flag |
| CWE-480 | C/C++ | cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations | Operator Precedence Logic Error When Use Bitwise Or Logical Operations |
| CWE-480 | C/C++ | cpp/operator-precedence-logic-error-when-use-bool-type | Operator Precedence Logic Error When Use Bool Type |
| CWE-481 | C/C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE-482 | C/C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE-497 | C/C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE-497 | C/C++ | cpp/potential-system-data-exposure | Potential exposure of sensitive system data to an unauthorized control sphere |
| CWE-522 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-546 | C/C++ | cpp/fixme-comment | FIXME comment |
| CWE-546 | C/C++ | cpp/todo-comment | TODO comment |
| CWE-560 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-561 | C/C++ | cpp/unused-static-function | Unused static function |
| CWE-561 | C/C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE-561 | C/C++ | cpp/dead-code-function | Function is never called |
| CWE-561 | C/C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE-561 | C/C++ | cpp/useless-expression | Expression has no effect |
| CWE-561 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-561 | C/C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE-563 | C/C++ | cpp/unused-local-variable | Unused local variable |
| CWE-563 | C/C++ | cpp/unused-static-variable | Unused static variable |
| CWE-563 | C/C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE-570 | C/C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE-573 | C/C++ | cpp/double-free | Potential double free |
| CWE-573 | C/C++ | cpp/incorrectly-checked-scanf | Incorrect return-value check for a 'scanf'-like function |
| CWE-573 | C/C++ | cpp/missing-check-scanf | Missing return-value check for a 'scanf'-like function |
| CWE-573 | C/C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE-573 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-573 | C/C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE-573 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-573 | C/C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE-573 | C/C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE-573 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-573 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-573 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-573 | C/C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors |
| CWE-573 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-573 | C/C++ | cpp/experimental-double-free | Errors When Double Free |
| CWE-573 | C/C++ | cpp/dangerous-use-of-exception-blocks | Dangerous use of exception blocks |
| CWE-573 | C/C++ | cpp/double-release | Errors When Double Release |
| CWE-592 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-610 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-610 | C/C++ | cpp/external-entity-expansion | XML external entity expansion |
| CWE-611 | C/C++ | cpp/external-entity-expansion | XML external entity expansion |
| CWE-628 | C/C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE-628 | C/C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE-628 | C/C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE-628 | C/C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function |
| CWE-642 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-662 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-662 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-662 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-664 | C/C++ | cpp/catch-missing-free | Leaky catch |
| CWE-664 | C/C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE-664 | C/C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE-664 | C/C++ | cpp/double-free | Potential double free |
| CWE-664 | C/C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE-664 | C/C++ | cpp/file-never-closed | Open file is not closed |
| CWE-664 | C/C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE-664 | C/C++ | cpp/initialization-not-run | Initialization code not run |
| CWE-664 | C/C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE-664 | C/C++ | cpp/memory-never-freed | Memory is never freed |
| CWE-664 | C/C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE-664 | C/C++ | cpp/not-initialised | Variable not initialized before use |
| CWE-664 | C/C++ | cpp/use-after-free | Potential use after free |
| CWE-664 | C/C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE-664 | C/C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE-664 | C/C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE-664 | C/C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE-664 | C/C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE-664 | C/C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE-664 | C/C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE-664 | C/C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE-664 | C/C++ | cpp/self-assignment-check | Self assignment check |
| CWE-664 | C/C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE-664 | C/C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE-664 | C/C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE-664 | C/C++ | cpp/uncontrolled-allocation-size | Uncontrolled allocation size |
| CWE-664 | C/C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE-664 | C/C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE-664 | C/C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE-664 | C/C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE-664 | C/C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE-664 | C/C++ | cpp/iterator-to-expired-container | Iterator to expired container |
| CWE-664 | C/C++ | cpp/use-of-string-after-lifetime-ends | Use of string after lifetime ends |
| CWE-664 | C/C++ | cpp/use-of-unique-pointer-after-lifetime-ends | Use of unique pointer after lifetime ends |
| CWE-664 | C/C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE-664 | C/C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE-664 | C/C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE-664 | C/C++ | cpp/potential-system-data-exposure | Potential exposure of sensitive system data to an unauthorized control sphere |
| CWE-664 | C/C++ | cpp/external-entity-expansion | XML external entity expansion |
| CWE-664 | C/C++ | cpp/incorrect-string-type-conversion | Cast from char to wchar_t |
| CWE-664 | C/C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE-664 | C/C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE-664 | C/C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE-664 | C/C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE-664 | C/C++ | cpp/twice-locked | Mutex locked twice |
| CWE-664 | C/C++ | cpp/unreleased-lock | Lock may not be released |
| CWE-664 | C/C++ | cpp/type-confusion | Type confusion |
| CWE-664 | C/C++ | cpp/work-with-file-without-permissions-rights | Writing to a file without setting permissions |
CWE-664
C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors CWE-664 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function CWE-664 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder CWE-664 C/C++ cpp/pam-auth-bypass PAM Authorization bypass CWE-664 C/C++ cpp/private-cleartext-write Exposure of private information CWE-664 C/C++ cpp/insecure-generation-of-filename Insecure generation of filenames CWE-664 C/C++ cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc CWE-664 C/C++ cpp/data-decompression-bomb User-controlled file decompression CWE-664 C/C++ cpp/experimental-double-free Errors When Double Free CWE-664 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended CWE-664 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks CWE-664 C/C++ cpp/double-release Errors When Double Release CWE-664 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf CWE-664 C/C++ cpp/resource-not-released-in-destructor Resource not released in destructor CWE-665 C/C++ cpp/global-use-before-init Global variable may be used before initialization CWE-665 C/C++ cpp/initialization-not-run Initialization code not run CWE-665 C/C++ cpp/not-initialised Variable not initialized before use CWE-665 C/C++ cpp/alloca-in-loop Call to alloca in a loop CWE-665 C/C++ cpp/improper-null-termination Potential improper null termination CWE-665 C/C++ cpp/uninitialized-local Potentially uninitialized local variable CWE-665 C/C++ cpp/uncontrolled-allocation-size Uncontrolled allocation size CWE-665 C/C++ cpp/conditionally-uninitialized-variable Conditionally uninitialized variable CWE-666 C/C++ cpp/double-free Potential double free CWE-666 C/C++ cpp/use-after-free Potential use after free CWE-666 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory CWE-666 C/C++ 
cpp/using-expired-stack-address Use of expired stack-address CWE-666 C/C++ cpp/self-assignment-check Self assignment check CWE-666 C/C++ cpp/iterator-to-expired-container Iterator to expired container CWE-666 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends CWE-666 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends CWE-666 C/C++ cpp/experimental-double-free Errors When Double Free CWE-666 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended CWE-666 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks CWE-666 C/C++ cpp/double-release Errors When Double Release CWE-667 C/C++ cpp/lock-order-cycle Cyclic lock order dependency CWE-667 C/C++ cpp/twice-locked Mutex locked twice CWE-667 C/C++ cpp/unreleased-lock Lock may not be released CWE-668 C/C++ cpp/path-injection Uncontrolled data used in path expression CWE-668 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file CWE-668 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information CWE-668 C/C++ cpp/unsafe-create-process-call NULL application name with an unquoted path in call to CreateProcess CWE-668 C/C++ cpp/system-data-exposure Exposure of system data to an unauthorized control sphere CWE-668 C/C++ cpp/potential-system-data-exposure Potential exposure of sensitive system data to an unauthorized control sphere CWE-668 C/C++ cpp/world-writable-file-creation File created without restricting permissions CWE-668 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument CWE-668 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR CWE-668 C/C++ cpp/work-with-file-without-permissions-rights Writing to a file without setting permissions CWE-668 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function CWE-668 C/C++ cpp/private-cleartext-write Exposure of private 
information CWE-668 C/C++ cpp/insecure-generation-of-filename Insecure generation of filenames CWE-669 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors CWE-670 C/C++ cpp/comma-before-misleading-indentation Comma before misleading indentation CWE-670 C/C++ cpp/assign-where-compare-meant Assignment where comparison was intended CWE-670 C/C++ cpp/compare-where-assign-meant Comparison where assignment was intended CWE-670 C/C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage CWE-670 C/C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag CWE-670 C/C++ cpp/unsafe-use-of-this Unsafe use of this in constructor CWE-670 C/C++ cpp/dangerous-use-of-ssl-shutdown Dangerous use SSL_shutdown CWE-670 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations CWE-670 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type CWE-672 C/C++ cpp/double-free Potential double free CWE-672 C/C++ cpp/use-after-free Potential use after free CWE-672 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory CWE-672 C/C++ cpp/using-expired-stack-address Use of expired stack-address CWE-672 C/C++ cpp/iterator-to-expired-container Iterator to expired container CWE-672 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends CWE-672 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends CWE-672 C/C++ cpp/experimental-double-free Errors When Double Free CWE-672 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended CWE-672 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks CWE-675 C/C++ cpp/double-free Potential double free CWE-675 C/C++ cpp/lock-order-cycle Cyclic lock order dependency CWE-675 C/C++ cpp/twice-locked Mutex 
locked twice CWE-675 C/C++ cpp/unreleased-lock Lock may not be released CWE-675 C/C++ cpp/experimental-double-free Errors When Double Free CWE-675 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks CWE-675 C/C++ cpp/double-release Errors When Double Release CWE-676 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy CWE-676 C/C++ cpp/suspicious-call-to-memset Suspicious call to memset CWE-676 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat CWE-676 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat CWE-676 C/C++ cpp/dangerous-function-overflow Use of dangerous function CWE-676 C/C++ cpp/dangerous-cin Dangerous use of 'cin' CWE-676 C/C++ cpp/potentially-dangerous-function Use of potentially dangerous function CWE-681 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition CWE-681 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type CWE-681 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition CWE-681 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow CWE-682 C/C++ cpp/overflow-calculated Buffer not sufficient for string CWE-682 C/C++ cpp/overflow-destination Copy function using source size CWE-682 C/C++ cpp/static-buffer-overflow Static array access may cause overflow CWE-682 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type CWE-682 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type CWE-682 C/C++ cpp/ambiguously-signed-bit-field Ambiguously signed bit-field member CWE-682 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition CWE-682 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type CWE-682 C/C++ cpp/signed-overflow-check Signed overflow check CWE-682 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf CWE-682 C/C++ 
cpp/suspicious-sizeof Suspicious 'sizeof' use CWE-682 C/C++ cpp/overrun-write Overrunning write CWE-682 C/C++ cpp/no-space-for-terminator No space for zero terminator CWE-682 C/C++ cpp/tainted-arithmetic User-controlled data in arithmetic expression CWE-682 C/C++ cpp/uncontrolled-arithmetic Uncontrolled data in arithmetic expression CWE-682 C/C++ cpp/arithmetic-with-extreme-values Use of extreme values in arithmetic expression CWE-682 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition CWE-682 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow CWE-682 C/C++ cpp/uncontrolled-allocation-size Uncontrolled allocation size CWE-682 C/C++ cpp/unsigned-difference-expression-compared-zero Unsigned difference expression compared to zero CWE-682 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference CWE-682 C/C++ cpp/suspicious-pointer-scaling Suspicious pointer scaling CWE-682 C/C++ cpp/incorrect-pointer-scaling-char Suspicious pointer scaling to char CWE-682 C/C++ cpp/suspicious-pointer-scaling-void Suspicious pointer scaling to void CWE-682 C/C++ cpp/suspicious-add-sizeof Suspicious add with sizeof CWE-682 C/C++ cpp/multiplication-overflow-in-alloc Multiplication result may overflow and be used in allocation CWE-682 C/C++ cpp/dangerous-use-of-transformation-after-operation Dangerous use of transformation after operation CWE-682 C/C++ cpp/divide-by-zero-using-return-value Divide by zero using return value CWE-682 C/C++ cpp/signed-bit-field Possible signed bit-field member CWE-685 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function CWE-685 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters CWE-686 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function CWE-687 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function CWE-691 C/C++ cpp/comma-before-misleading-indentation Comma before misleading 
indentation CWE-691 C/C++ cpp/assign-where-compare-meant Assignment where comparison was intended CWE-691 C/C++ cpp/compare-where-assign-meant Comparison where assignment was intended CWE-691 C/C++ cpp/incorrect-not-operator-usage Incorrect 'not' operator usage CWE-691 C/C++ cpp/logical-operator-applied-to-flag Short-circuiting operator applied to flag CWE-691 C/C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop CWE-691 C/C++ cpp/unsafe-use-of-this Unsafe use of this in constructor CWE-691 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition CWE-691 C/C++ cpp/toctou-race-condition Time-of-check time-of-use filesystem race condition CWE-691 C/C++ cpp/lock-order-cycle Cyclic lock order dependency CWE-691 C/C++ cpp/twice-locked Mutex locked twice CWE-691 C/C++ cpp/unreleased-lock Lock may not be released CWE-691 C/C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition CWE-691 C/C++ cpp/linux-kernel-double-fetch-vulnerability Linux kernel double-fetch vulnerability detection CWE-691 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement CWE-691 C/C++ cpp/dangerous-use-of-ssl-shutdown Dangerous use SSL_shutdown CWE-691 C/C++ cpp/errors-after-refactoring Errors After Refactoring CWE-691 C/C++ cpp/errors-when-using-bit-operations Errors When Using Bit Operations CWE-691 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions CWE-691 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations CWE-691 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type CWE-693 C/C++ cpp/boost/tls-settings-misconfiguration boost::asio TLS settings misconfiguration CWE-693 C/C++ cpp/boost/use-of-deprecated-hardcoded-security-protocol boost::asio use of deprecated hardcoded 
protocol CWE-693 C/C++ cpp/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data CWE-693 C/C++ cpp/count-untrusted-data-external-api-ir Frequency counts for external APIs that are used with untrusted data CWE-693 C/C++ cpp/untrusted-data-to-external-api-ir Untrusted data passed to external API CWE-693 C/C++ cpp/untrusted-data-to-external-api Untrusted data passed to external API CWE-693 C/C++ cpp/uncontrolled-process-operation Uncontrolled process operation CWE-693 C/C++ cpp/unclear-array-index-validation Unclear validation of array index CWE-693 C/C++ cpp/uncontrolled-allocation-size Uncontrolled allocation size CWE-693 C/C++ cpp/user-controlled-bypass Authentication bypass by spoofing CWE-693 C/C++ cpp/certificate-result-conflation Certificate result conflation CWE-693 C/C++ cpp/certificate-not-checked Certificate not checked CWE-693 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer CWE-693 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file CWE-693 C/C++ cpp/cleartext-transmission Cleartext transmission of sensitive information CWE-693 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database CWE-693 C/C++ cpp/non-https-url Failure to use HTTPS URLs CWE-693 C/C++ cpp/insufficient-key-size Use of a cryptographic algorithm with insufficient key size CWE-693 C/C++ cpp/weak-cryptographic-algorithm Use of a broken or risky cryptographic algorithm CWE-693 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed CWE-693 C/C++ cpp/world-writable-file-creation File created without restricting permissions CWE-693 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument CWE-693 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR CWE-693 C/C++ cpp/tainted-permissions-check Untrusted input for a condition CWE-693 C/C++ 
cpp/late-check-of-function-argument Late Check Of Function Argument CWE-693 C/C++ cpp/linux-kernel-no-check-before-unsafe-put-user Linux kernel no check before unsafe_put_user vulnerability detection CWE-693 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function CWE-693 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder CWE-693 C/C++ cpp/pam-auth-bypass PAM Authorization bypass CWE-693 C/C++ cpp/curl-disabled-ssl Disabled certificate verification CWE-693 C/C++ cpp/unknown-asymmetric-key-gen-size Unknown key generation key size CWE-693 C/C++ cpp/weak-asymmetric-key-gen-size Weak asymmetric key generation key size (< 2048 bits) CWE-693 C/C++ cpp/weak-block-mode Weak block mode CWE-693 C/C++ cpp/weak-elliptic-curve Weak elliptic curve CWE-693 C/C++ cpp/weak-crypto/banned-encryption-algorithms Weak cryptography CWE-693 C/C++ cpp/weak-crypto/banned-hash-algorithms Weak cryptography CWE-697 C/C++ cpp/missing-case-in-switch Missing enum case in switch CWE-697 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement CWE-703 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function CWE-703 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function CWE-703 C/C++ cpp/return-value-ignored Return value of a function is ignored CWE-703 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf CWE-703 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function CWE-703 C/C++ cpp/inconsistent-call-on-result Inconsistent operation on return value CWE-703 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters CWE-703 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value CWE-703 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type CWE-703 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling CWE-703 C/C++ 
cpp/work-with-changing-working-directories Find work with changing working directories, with security errors CWE-703 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder CWE-703 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions CWE-703 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf CWE-704 C/C++ cpp/bad-addition-overflow-check Bad check for overflow of integer addition CWE-704 C/C++ cpp/integer-multiplication-cast-to-long Multiplication result converted to larger type CWE-704 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic CWE-704 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition CWE-704 C/C++ cpp/integer-overflow-tainted Potential integer arithmetic overflow CWE-704 C/C++ cpp/incorrect-string-type-conversion Cast from char to wchar_t CWE-704 C/C++ cpp/type-confusion Type confusion CWE-705 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions CWE-706 C/C++ cpp/path-injection Uncontrolled data used in path expression CWE-707 C/C++ cpp/non-constant-format Non-constant format string CWE-707 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function CWE-707 C/C++ cpp/improper-null-termination Potential improper null termination CWE-707 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters CWE-707 C/C++ cpp/command-line-injection Uncontrolled data used in OS command CWE-707 C/C++ cpp/cgi-xss CGI script vulnerable to cross-site scripting CWE-707 C/C++ cpp/sql-injection Uncontrolled data in SQL query CWE-707 C/C++ cpp/tainted-format-string Uncontrolled format string CWE-707 C/C++ cpp/user-controlled-null-termination-tainted User-controlled data may not be null terminated CWE-707 C/C++ cpp/wordexp-injection Uncontrolled data used in wordexp command CWE-710 C/C++ cpp/unused-local-variable Unused 
local variable CWE-710 C/C++ cpp/unused-static-function Unused static function CWE-710 C/C++ cpp/unused-static-variable Unused static variable CWE-710 C/C++ cpp/dead-code-condition Branching condition always evaluates to same value CWE-710 C/C++ cpp/dead-code-function Function is never called CWE-710 C/C++ cpp/dead-code-goto Dead code due to goto or break statement CWE-710 C/C++ cpp/double-free Potential double free CWE-710 C/C++ cpp/inconsistent-nullness-testing Inconsistent null check of pointer CWE-710 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function CWE-710 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function CWE-710 C/C++ cpp/missing-null-test Returned pointer not checked CWE-710 C/C++ cpp/unused-variable Variable is assigned a value that is never read CWE-710 C/C++ cpp/fixme-comment FIXME comment CWE-710 C/C++ cpp/todo-comment TODO comment CWE-710 C/C++ cpp/overflowing-snprintf Potentially overflowing call to snprintf CWE-710 C/C++ cpp/wrong-number-format-arguments Too few arguments to formatting function CWE-710 C/C++ cpp/wrong-type-format-argument Wrong type of arguments to formatting function CWE-710 C/C++ cpp/inconsistent-null-check Inconsistent nullness check CWE-710 C/C++ cpp/useless-expression Expression has no effect CWE-710 C/C++ cpp/pointer-overflow-check Pointer overflow check CWE-710 C/C++ cpp/bad-strncpy-size Possibly wrong buffer size in string copy CWE-710 C/C++ cpp/suspicious-call-to-memset Suspicious call to memset CWE-710 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat CWE-710 C/C++ cpp/unsafe-strcat Potentially unsafe use of strcat CWE-710 C/C++ cpp/redundant-null-check-simple Redundant null check due to previous dereference CWE-710 C/C++ cpp/too-few-arguments Call to function with fewer arguments than declared parameters CWE-710 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value CWE-710 C/C++ cpp/memset-may-be-deleted Call to memset 
may be deleted CWE-710 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type CWE-710 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling CWE-710 C/C++ cpp/dangerous-function-overflow Use of dangerous function CWE-710 C/C++ cpp/dangerous-cin Dangerous use of 'cin' CWE-710 C/C++ cpp/potentially-dangerous-function Use of potentially dangerous function CWE-710 C/C++ cpp/lock-order-cycle Cyclic lock order dependency CWE-710 C/C++ cpp/twice-locked Mutex locked twice CWE-710 C/C++ cpp/unreleased-lock Lock may not be released CWE-710 C/C++ cpp/deref-null-result Null dereference from a function result CWE-710 C/C++ cpp/redundant-null-check-param Redundant null check or missing null check of parameter CWE-710 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors CWE-710 C/C++ cpp/wrong-use-of-the-umask Find the wrong use of the umask function CWE-710 C/C++ cpp/experimental-double-free Errors When Double Free CWE-710 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks CWE-710 C/C++ cpp/operator-find-incorrectly-used-switch Incorrect switch statement CWE-710 C/C++ cpp/double-release Errors When Double Release CWE-710 C/C++ cpp/errors-of-undefined-program-behavior Errors Of Undefined Program Behavior CWE-732 C/C++ cpp/world-writable-file-creation File created without restricting permissions CWE-732 C/C++ cpp/open-call-with-mode-argument File opened with O_CREAT flag but without mode argument CWE-732 C/C++ cpp/unsafe-dacl-security-descriptor Setting a DACL to NULL in a SECURITY_DESCRIPTOR CWE-733 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted CWE-754 C/C++ cpp/incorrectly-checked-scanf Incorrect return-value check for a 'scanf'-like function CWE-754 C/C++ cpp/missing-check-scanf Missing return-value check for a 'scanf'-like function CWE-754 C/C++ cpp/return-value-ignored Return value of a function is ignored CWE-754 C/C++ 
cpp/overflowing-snprintf Potentially overflowing call to snprintf CWE-754 C/C++ cpp/inconsistent-call-on-result Inconsistent operation on return value CWE-754 C/C++ cpp/ignore-return-value-sal SAL requires inspecting return value CWE-754 C/C++ cpp/hresult-boolean-conversion Cast between HRESULT and a Boolean type CWE-754 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling CWE-754 C/C++ cpp/work-with-changing-working-directories Find work with changing working directories, with security errors CWE-754 C/C++ cpp/drop-linux-privileges-outoforder LinuxPrivilegeDroppingOutoforder CWE-754 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf CWE-755 C/C++ cpp/incorrect-allocation-error-handling Incorrect allocation-error handling CWE-755 C/C++ cpp/operator-find-incorrectly-used-exceptions Operator Find Incorrectly Used Exceptions CWE-758 C/C++ cpp/pointer-overflow-check Pointer overflow check CWE-758 C/C++ cpp/memset-may-be-deleted Call to memset may be deleted CWE-758 C/C++ cpp/errors-of-undefined-program-behavior Errors Of Undefined Program Behavior CWE-764 C/C++ cpp/lock-order-cycle Cyclic lock order dependency CWE-764 C/C++ cpp/twice-locked Mutex locked twice CWE-764 C/C++ cpp/unreleased-lock Lock may not be released CWE-770 C/C++ cpp/alloca-in-loop Call to alloca in a loop CWE-770 C/C++ cpp/uncontrolled-allocation-size Uncontrolled allocation size CWE-772 C/C++ cpp/catch-missing-free Leaky catch CWE-772 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed CWE-772 C/C++ cpp/descriptor-never-closed Open descriptor never closed CWE-772 C/C++ cpp/file-may-not-be-closed Open file may not be closed CWE-772 C/C++ cpp/file-never-closed Open file is not closed CWE-772 C/C++ cpp/memory-may-not-be-freed Memory may not be freed CWE-772 C/C++ cpp/memory-never-freed Memory is never freed CWE-772 C/C++ cpp/new-free-mismatch Mismatching new/free or malloc/delete CWE-772 C/C++ 
cpp/memory-leak-on-failed-call-to-realloc Memory leak on failed call to realloc CWE-775 C/C++ cpp/descriptor-may-not-be-closed Open descriptor may not be closed CWE-775 C/C++ cpp/descriptor-never-closed Open descriptor never closed CWE-775 C/C++ cpp/file-may-not-be-closed Open file may not be closed CWE-775 C/C++ cpp/file-never-closed Open file is not closed CWE-783 C/C++ cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations Operator Precedence Logic Error When Use Bitwise Or Logical Operations CWE-783 C/C++ cpp/operator-precedence-logic-error-when-use-bool-type Operator Precedence Logic Error When Use Bool Type CWE-787 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type CWE-787 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type CWE-787 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer CWE-787 C/C++ cpp/badly-bounded-write Badly bounded write CWE-787 C/C++ cpp/overrunning-write Potentially overrunning write CWE-787 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion CWE-787 C/C++ cpp/unbounded-write Unbounded write CWE-787 C/C++ cpp/very-likely-overrunning-write Likely overrunning write CWE-787 C/C++ cpp/unterminated-variadic-call Unterminated variadic call CWE-787 C/C++ cpp/no-space-for-terminator No space for zero terminator CWE-787 C/C++ cpp/invalid-pointer-deref Invalid pointer dereference CWE-787 C/C++ cpp/sign-conversion-pointer-arithmetic unsigned to signed used in pointer arithmetic CWE-788 C/C++ cpp/allocation-too-small Not enough memory allocated for pointer type CWE-788 C/C++ cpp/suspicious-allocation-size Not enough memory allocated for array of pointer type CWE-788 C/C++ cpp/unsafe-strncat Potentially unsafe call to strncat CWE-788 C/C++ cpp/overflow-buffer Call to memory access function may overflow buffer CWE-788 C/C++ cpp/unterminated-variadic-call Unterminated variadic call CWE-788 C/C++ 
cpp/no-space-for-terminator No space for zero terminator CWE-788 C/C++ cpp/openssl-heartbleed Use of a version of OpenSSL with Heartbleed CWE-788 C/C++ cpp/access-memory-location-after-end-buffer-strlen Access Of Memory Location After End Of Buffer CWE-789 C/C++ cpp/uncontrolled-allocation-size Uncontrolled allocation size CWE-805 C/C++ cpp/badly-bounded-write Badly bounded write CWE-805 C/C++ cpp/overrunning-write Potentially overrunning write CWE-805 C/C++ cpp/overrunning-write-with-float Potentially overrunning write with float to string conversion CWE-805 C/C++ cpp/unbounded-write Unbounded write CWE-805 C/C++ cpp/very-likely-overrunning-write Likely overrunning write CWE-805 C/C++ cpp/buffer-access-with-incorrect-length-value Buffer access with incorrect length value CWE-807 C/C++ cpp/tainted-permissions-check Untrusted input for a condition CWE-823 C/C++ cpp/late-negative-test Pointer offset used before it is checked CWE-823 C/C++ cpp/missing-negativity-test Unchecked return value used as offset CWE-825 C/C++ cpp/double-free Potential double free CWE-825 C/C++ cpp/use-after-free Potential use after free CWE-825 C/C++ cpp/return-stack-allocated-memory Returning stack-allocated memory CWE-825 C/C++ cpp/using-expired-stack-address Use of expired stack-address CWE-825 C/C++ cpp/iterator-to-expired-container Iterator to expired container CWE-825 C/C++ cpp/use-of-string-after-lifetime-ends Use of string after lifetime ends CWE-825 C/C++ cpp/use-of-unique-pointer-after-lifetime-ends Use of unique pointer after lifetime ends CWE-825 C/C++ cpp/experimental-double-free Errors When Double Free CWE-825 C/C++ cpp/use-after-expired-lifetime Use of object after its lifetime has ended CWE-825 C/C++ cpp/dangerous-use-of-exception-blocks Dangerous use of exception blocks CWE-826 C/C++ cpp/self-assignment-check Self assignment check CWE-833 C/C++ cpp/lock-order-cycle Cyclic lock order dependency CWE-833 C/C++ cpp/twice-locked Mutex locked twice CWE-833 C/C++ cpp/unreleased-lock 
Lock may not be released CWE-834 C/C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop CWE-834 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition CWE-834 C/C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition CWE-835 C/C++ cpp/inconsistent-loop-direction Inconsistent direction of for loop CWE-835 C/C++ cpp/comparison-with-wider-type Comparison of narrow type with wide type in loop condition CWE-835 C/C++ cpp/infinite-loop-with-unsatisfiable-exit-condition Infinite loop with unsatisfiable exit condition CWE-843 C/C++ cpp/upcast-array-pointer-arithmetic Upcast array used in pointer arithmetic CWE-843 C/C++ cpp/type-confusion Type confusion CWE-908 C/C++ cpp/improper-check-return-value-scanf Improper check of return value of scanf CWE-909 C/C++ cpp/initialization-not-run Initialization code not run CWE-922 C/C++ cpp/cleartext-storage-buffer Cleartext storage of sensitive information in buffer CWE-922 C/C++ cpp/cleartext-storage-file Cleartext storage of sensitive information in file CWE-922 C/C++ cpp/cleartext-storage-database Cleartext storage of sensitive information in an SQLite database CWE-943 C/C++ cpp/sql-injection Uncontrolled data in SQL query CWE-1041 C/C++ cpp/call-to-function-without-wrapper Missed opportunity to call wrapper function CWE-1078 C/C++ cpp/comma-before-misleading-indentation Comma before misleading indentation CWE-1126 C/C++ cpp/errors-when-using-variable-declaration-inside-loop Errors When Using Variable Declaration Inside Loop CWE-1240 C/C++ cpp/crypto-primitive Implementation of a cryptographic primitive