CWE

Common Weakness Enumeration

A community-developed list of SW & HW weaknesses that can become vulnerabilities

New to CWE? click here!
CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
Home > CWE Top 25 > 2023 On the Cusp  
ID

2023 “On the Cusp” – Other Dangerous Software Weaknesses


NOTICE: This is a previous version of the Top 25. For the most recent version go here.


Share via:
  1. Reachable Assertion
    CWE-617 CVEs in KEV: 0 Rank Last Year: 44 (up 18) upward trend
  2. Uncontrolled Search Path Element
    CWE-427 CVEs in KEV: 0 Rank Last Year: 27
  3. Improper Restriction of XML External Entity Reference
    CWE-611 CVEs in KEV: 0 Rank Last Year: 24 (down 4) downward trend
  4. Allocation of Resources Without Limits or Throttling
    CWE-770 CVEs in KEV: 0 Rank Last Year: 42 (up 13) upward trend
  5. Exposure of Sensitive Information to an Unauthorized Actor
    CWE-200 CVEs in KEV: 2 Rank Last Year: 33 (up 3) upward trend
  6. Incorrect Permission Assignment for Critical Resource
    CWE-732 CVEs in KEV: 2 Rank Last Year: 30 (down 1) downward trend
  7. URL Redirection to Untrusted Site ('Open Redirect')
    CWE-601 CVEs in KEV: 0 Rank Last Year: 35 (up 3) upward trend
  8. Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
    CWE-1321 CVEs in KEV: 0 Rank Last Year: 34 (up 1) upward trend
  9. Improper Certificate Validation
    CWE-295 CVEs in KEV: 1 Rank Last Year: 26 (down 8) downward trend
  10. Insufficiently Protected Credentials
    CWE-522 CVEs in KEV: 0 Rank Last Year: 38 (up 3) upward trend
  11. Missing Release of Memory after Effective Lifetime
    CWE-401 CVEs in KEV: 0 Rank Last Year: 36
  12. Uncontrolled Resource Consumption
    CWE-400 CVEs in KEV: 1 Rank Last Year: 23 (down 14) downward trend
  13. Authorization Bypass Through User-Controlled Key
    CWE-639 CVEs in KEV: 0 Rank Last Year: 54 (up 16) upward trend
  14. Improper Link Resolution Before File Access ('Link Following')
    CWE-59 CVEs in KEV: 5 Rank Last Year: 37 (down 2) downward trend
  15. Exposure of Resource to Wrong Sphere
    CWE-668 CVEs in KEV: 0 Rank Last Year: 32 (down 8) downward trend
Page Last Updated: November 11, 2024