CWE Pillar Weaknesses

Browse 10 Pillar level CWE entries. Highest-level weaknesses representing the most abstract categorization of software security issues.

10
Total
1
High Likelihood
0
Medium
0
Low
Showing 10 of 10 Pillar weaknesses
CWE-682High

Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE-710

Improper Adherence to Coding Standards

The product does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.

CWE-703

Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

CWE-664

Improper Control of a Resource Through its Lifetime

The product does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

CWE-435

Improper Interaction Between Multiple Correctly-Behaving Entities

An interaction error occurs when two entities have correct behavior when running independently of each other, but when they are integrated as components in a larger system or process, they introduce incorrect behaviors that may cause resultant weaknesses.

CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

CWE-697

Incorrect Comparison

The product compares two entities in a security-relevant context, but the comparison is incorrect.

CWE-691

Insufficient Control Flow Management

The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.

CWE-693

Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Don't leave your security to chance

Get a free security assessment from our experts. We'll identify vulnerabilities and create a protection plan tailored to your business.

⚠️ Security Notice

This tool is provided for educational and authorized security testing purposes only. Always ensure you have proper authorization before testing any systems or networks you do not own. All processing happens client-side in your browser — no data is sent to our servers.