CWE coverage for C and C++
An overview of CWE coverage for C and C++ in the latest release of CodeQL.
Overview
| CWE | Language | Query id | Query name |
|---|---|---|---|
| CWE‑14 | C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE‑20 | C++ | cpp/count-untrusted-data-external-api | Frequency counts for external APIs that are used with untrusted data |
| CWE‑20 | C++ | cpp/count-untrusted-data-external-api-ir | Frequency counts for external APIs that are used with untrusted data |
| CWE‑20 | C++ | cpp/untrusted-data-to-external-api-ir | Untrusted data passed to external API |
| CWE‑20 | C++ | cpp/untrusted-data-to-external-api | Untrusted data passed to external API |
| CWE‑20 | C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE‑20 | C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE‑20 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑20 | C++ | cpp/late-check-of-function-argument | Late Check Of Function Argument |
| CWE‑22 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑23 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑36 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑73 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑74 | C++ | cpp/non-constant-format | Non-constant format string |
| CWE‑74 | C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE‑74 | C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE‑74 | C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE‑74 | C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE‑74 | C++ | cpp/tainted-format-string-through-global | Uncontrolled format string (through global variable) |
| CWE‑77 | C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE‑78 | C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE‑79 | C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE‑88 | C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE‑89 | C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE‑114 | C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE‑118 | C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE‑118 | C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE‑118 | C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE‑118 | C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE‑118 | C++ | cpp/overflow-destination | Copy function using source size |
| CWE‑118 | C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE‑118 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑118 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑118 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑118 | C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE‑118 | C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE‑118 | C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE‑118 | C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE‑118 | C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE‑118 | C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE‑118 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑118 | C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE‑118 | C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE‑118 | C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE‑118 | C++ | cpp/unbounded-write | Unbounded write |
| CWE‑118 | C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE‑118 | C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE‑118 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑118 | C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE‑118 | C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE‑118 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑118 | C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE‑118 | C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE‑119 | C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE‑119 | C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE‑119 | C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE‑119 | C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE‑119 | C++ | cpp/overflow-destination | Copy function using source size |
| CWE‑119 | C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE‑119 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑119 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑119 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑119 | C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE‑119 | C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE‑119 | C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE‑119 | C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE‑119 | C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE‑119 | C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE‑119 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑119 | C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE‑119 | C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE‑119 | C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE‑119 | C++ | cpp/unbounded-write | Unbounded write |
| CWE‑119 | C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE‑119 | C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE‑119 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑119 | C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE‑119 | C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE‑119 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑119 | C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE‑119 | C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE‑120 | C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE‑120 | C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE‑120 | C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE‑120 | C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE‑120 | C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE‑120 | C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE‑120 | C++ | cpp/unbounded-write | Unbounded write |
| CWE‑120 | C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE‑120 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑120 | C++ | cpp/memory-unsafe-function-scan | Scanf function without a specified length |
| CWE‑121 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑121 | C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE‑122 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑122 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑122 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑122 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑125 | C++ | cpp/offset-use-before-range-check | Array offset used before range check |
| CWE‑125 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑126 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑128 | C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE‑128 | C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE‑129 | C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE‑131 | C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE‑131 | C++ | cpp/overflow-destination | Copy function using source size |
| CWE‑131 | C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE‑131 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑131 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑131 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑134 | C++ | cpp/non-constant-format | Non-constant format string |
| CWE‑134 | C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE‑134 | C++ | cpp/tainted-format-string-through-global | Uncontrolled format string (through global variable) |
| CWE‑170 | C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE‑170 | C++ | cpp/user-controlled-null-termination-tainted | User-controlled data may not be null terminated |
| CWE‑190 | C++ | cpp/ambiguously-signed-bit-field | Ambiguously signed bit-field member |
| CWE‑190 | C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE‑190 | C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE‑190 | C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE‑190 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑190 | C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE‑190 | C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE‑190 | C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE‑190 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑190 | C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE‑190 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑190 | C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE‑190 | C++ | cpp/dangerous-use-of-transformation-after-operation | Dangerous use of transformation after operation. |
| CWE‑190 | C++ | cpp/signed-bit-field | Possible signed bit-field member |
| CWE‑191 | C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE‑191 | C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE‑191 | C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE‑191 | C++ | cpp/unsigned-difference-expression-compared-zero | Unsigned difference expression compared to zero |
| CWE‑197 | C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE‑197 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑197 | C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE‑200 | C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE‑200 | C++ | cpp/work-with-file-without-permissions-rights | Writing to a file without setting permissions. |
| CWE‑200 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑200 | C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE‑227 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑227 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑227 | C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE‑227 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑227 | C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE‑227 | C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE‑227 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑227 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑227 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑227 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑227 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑227 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑227 | C++ | cpp/double-release | Errors When Double Release |
| CWE‑228 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑228 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑233 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑233 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑234 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑234 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑242 | C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE‑243 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑248 | C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE‑252 | C++ | cpp/return-value-ignored | Return value of a function is ignored |
| CWE‑252 | C++ | cpp/inconsistent-call-on-result | Inconsistent operation on return value |
| CWE‑252 | C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE‑252 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑252 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑253 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑253 | C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE‑260 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑266 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑269 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑269 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑271 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑273 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑284 | C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE‑284 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑284 | C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE‑284 | C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE‑284 | C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE‑284 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑284 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑285 | C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE‑285 | C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE‑285 | C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE‑287 | C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE‑287 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑290 | C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE‑295 | C++ | cpp/certificate-result-conflation | Certificate result conflation |
| CWE‑295 | C++ | cpp/certificate-not-checked | Certificate not checked |
| CWE‑311 | C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE‑311 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑311 | C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE‑311 | C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE‑311 | C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE‑312 | C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE‑312 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑312 | C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE‑313 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑313 | C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE‑319 | C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE‑319 | C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE‑326 | C++ | cpp/boost/tls-settings-misconfiguration | Boost_asio TLS Settings Misconfiguration |
| CWE‑326 | C++ | cpp/insufficient-key-size | Use of a cryptographic algorithm with insufficient key size |
| CWE‑327 | C++ | cpp/boost/use-of-deprecated-hardcoded-security-protocol | boost::asio Use of deprecated hardcoded Protocol |
| CWE‑327 | C++ | cpp/weak-cryptographic-algorithm | Use of a broken or risky cryptographic algorithm |
| CWE‑327 | C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE‑345 | C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE‑359 | C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE‑362 | C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE‑367 | C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE‑377 | C++ | cpp/insecure-generation-of-filename | Insecure generation of filenames. |
| CWE‑390 | C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE‑398 | C++ | cpp/unused-local-variable | Unused local variable |
| CWE‑398 | C++ | cpp/unused-static-function | Unused static function |
| CWE‑398 | C++ | cpp/unused-static-variable | Unused static variable |
| CWE‑398 | C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE‑398 | C++ | cpp/dead-code-function | Function is never called |
| CWE‑398 | C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE‑398 | C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE‑398 | C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE‑398 | C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE‑398 | C++ | cpp/fixme-comment | FIXME comment |
| CWE‑398 | C++ | cpp/todo-comment | TODO comment |
| CWE‑398 | C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE‑398 | C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE‑398 | C++ | cpp/useless-expression | Expression has no effect |
| CWE‑398 | C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE‑398 | C++ | cpp/suspicious-call-to-memset | Suspicious call to memset |
| CWE‑398 | C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE‑398 | C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE‑398 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑398 | C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE‑398 | C++ | cpp/dangerous-cin | Dangerous use of 'cin' |
| CWE‑398 | C++ | cpp/potentially-dangerous-function | Use of potentially dangerous function |
| CWE‑398 | C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE‑398 | C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE‑400 | C++ | cpp/catch-missing-free | Leaky catch |
| CWE‑400 | C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE‑400 | C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE‑400 | C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE‑400 | C++ | cpp/file-never-closed | Open file is not closed |
| CWE‑400 | C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE‑400 | C++ | cpp/memory-never-freed | Memory is never freed |
| CWE‑400 | C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE‑400 | C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE‑400 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑400 | C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE‑401 | C++ | cpp/catch-missing-free | Leaky catch |
| CWE‑401 | C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE‑401 | C++ | cpp/memory-never-freed | Memory is never freed |
| CWE‑401 | C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE‑401 | C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE‑404 | C++ | cpp/catch-missing-free | Leaky catch |
| CWE‑404 | C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE‑404 | C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE‑404 | C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE‑404 | C++ | cpp/file-never-closed | Open file is not closed |
| CWE‑404 | C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE‑404 | C++ | cpp/memory-never-freed | Memory is never freed |
| CWE‑404 | C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE‑404 | C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE‑404 | C++ | cpp/resource-not-released-in-destructor | Resource not released in destructor |
| CWE‑415 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑416 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑428 | C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE‑435 | C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE‑456 | C++ | cpp/initialization-not-run | Initialization code not run |
| CWE‑457 | C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE‑457 | C++ | cpp/not-initialised | Variable not initialized before use |
| CWE‑457 | C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE‑457 | C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE‑467 | C++ | cpp/suspicious-sizeof | Suspicious 'sizeof' use |
| CWE‑468 | C++ | cpp/suspicious-pointer-scaling | Suspicious pointer scaling |
| CWE‑468 | C++ | cpp/incorrect-pointer-scaling-char | Suspicious pointer scaling to char |
| CWE‑468 | C++ | cpp/suspicious-pointer-scaling-void | Suspicious pointer scaling to void |
| CWE‑468 | C++ | cpp/suspicious-add-sizeof | Suspicious add with sizeof |
| CWE‑476 | C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE‑476 | C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE‑476 | C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE‑476 | C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE‑476 | C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE‑478 | C++ | cpp/missing-case-in-switch | Missing enum case in switch |
| CWE‑478 | C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE‑480 | C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE‑480 | C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE‑480 | C++ | cpp/incorrect-not-operator-usage | Incorrect 'not' operator usage |
| CWE‑480 | C++ | cpp/logical-operator-applied-to-flag | Short-circuiting operator applied to flag |
| CWE‑480 | C++ | cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations | Operator Precedence Logic Error When Use Bitwise Or Logical Operations |
| CWE‑480 | C++ | cpp/operator-precedence-logic-error-when-use-bool-type | Operator Precedence Logic Error When Use Bool Type |
| CWE‑481 | C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE‑482 | C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE‑497 | C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE‑522 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑546 | C++ | cpp/fixme-comment | FIXME comment |
| CWE‑546 | C++ | cpp/todo-comment | TODO comment |
| CWE‑560 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑561 | C++ | cpp/unused-static-function | Unused static function |
| CWE‑561 | C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE‑561 | C++ | cpp/dead-code-function | Function is never called |
| CWE‑561 | C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE‑561 | C++ | cpp/useless-expression | Expression has no effect |
| CWE‑561 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑561 | C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE‑563 | C++ | cpp/unused-local-variable | Unused local variable |
| CWE‑563 | C++ | cpp/unused-static-variable | Unused static variable |
| CWE‑563 | C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE‑570 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑573 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑573 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑573 | C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE‑573 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑573 | C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE‑573 | C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE‑573 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑573 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑573 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑573 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑573 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑573 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑573 | C++ | cpp/double-release | Errors When Double Release |
| CWE‑592 | C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE‑610 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑628 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑628 | C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE‑628 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑628 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑642 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑662 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑662 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑662 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑664 | C++ | cpp/catch-missing-free | Leaky catch |
| CWE‑664 | C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE‑664 | C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE‑664 | C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE‑664 | C++ | cpp/file-never-closed | Open file is not closed |
| CWE‑664 | C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE‑664 | C++ | cpp/initialization-not-run | Initialization code not run |
| CWE‑664 | C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE‑664 | C++ | cpp/memory-never-freed | Memory is never freed |
| CWE‑664 | C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE‑664 | C++ | cpp/not-initialised | Variable not initialized before use |
| CWE‑664 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑664 | C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE‑664 | C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE‑664 | C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE‑664 | C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE‑664 | C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE‑664 | C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE‑664 | C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE‑664 | C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE‑664 | C++ | cpp/self-assignment-check | Self assignment check |
| CWE‑664 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑664 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑664 | C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE‑664 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑664 | C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE‑664 | C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE‑664 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑664 | C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE‑664 | C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE‑664 | C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE‑664 | C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE‑664 | C++ | cpp/incorrect-string-type-conversion | Cast from char to wchar_t |
| CWE‑664 | C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE‑664 | C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE‑664 | C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE‑664 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑664 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑664 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑664 | C++ | cpp/work-with-file-without-permissions-rights | Writing to a file without setting permissions. |
| CWE‑664 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑664 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑664 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑664 | C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE‑664 | C++ | cpp/insecure-generation-of-filename | Insecure generation of filenames. |
| CWE‑664 | C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE‑664 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑664 | C++ | cpp/double-release | Errors When Double Release |
| CWE‑664 | C++ | cpp/improper-check-return-value-scanf | Improper check of return value of scanf |
| CWE‑664 | C++ | cpp/resource-not-released-in-destructor | Resource not released in destructor |
| CWE‑665 | C++ | cpp/global-use-before-init | Global variable may be used before initialization |
| CWE‑665 | C++ | cpp/initialization-not-run | Initialization code not run |
| CWE‑665 | C++ | cpp/not-initialised | Variable not initialized before use |
| CWE‑665 | C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE‑665 | C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE‑665 | C++ | cpp/uninitialized-local | Potentially uninitialized local variable |
| CWE‑665 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑665 | C++ | cpp/conditionally-uninitialized-variable | Conditionally uninitialized variable |
| CWE‑666 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑666 | C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE‑666 | C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE‑666 | C++ | cpp/self-assignment-check | Self assignment check |
| CWE‑666 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑666 | C++ | cpp/double-release | Errors When Double Release |
| CWE‑667 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑667 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑667 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑668 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑668 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑668 | C++ | cpp/unsafe-create-process-call | NULL application name with an unquoted path in call to CreateProcess |
| CWE‑668 | C++ | cpp/system-data-exposure | Exposure of system data to an unauthorized control sphere |
| CWE‑668 | C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE‑668 | C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE‑668 | C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE‑668 | C++ | cpp/work-with-file-without-permissions-rights | Writing to a file without setting permissions. |
| CWE‑668 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑668 | C++ | cpp/private-cleartext-write | Exposure of private information |
| CWE‑668 | C++ | cpp/insecure-generation-of-filename | Insecure generation of filenames. |
| CWE‑669 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑670 | C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE‑670 | C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE‑670 | C++ | cpp/incorrect-not-operator-usage | Incorrect 'not' operator usage |
| CWE‑670 | C++ | cpp/logical-operator-applied-to-flag | Short-circuiting operator applied to flag |
| CWE‑670 | C++ | cpp/unsafe-use-of-this | Unsafe use of this in constructor |
| CWE‑670 | C++ | cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations | Operator Precedence Logic Error When Use Bitwise Or Logical Operations |
| CWE‑670 | C++ | cpp/operator-precedence-logic-error-when-use-bool-type | Operator Precedence Logic Error When Use Bool Type |
| CWE‑672 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑672 | C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE‑672 | C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE‑672 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑675 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑675 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑675 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑675 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑675 | C++ | cpp/double-release | Errors When Double Release |
| CWE‑676 | C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE‑676 | C++ | cpp/suspicious-call-to-memset | Suspicious call to memset |
| CWE‑676 | C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE‑676 | C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE‑676 | C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE‑676 | C++ | cpp/dangerous-cin | Dangerous use of 'cin' |
| CWE‑676 | C++ | cpp/potentially-dangerous-function | Use of potentially dangerous function |
| CWE‑681 | C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE‑681 | C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE‑681 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑681 | C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE‑682 | C++ | cpp/overflow-calculated | Buffer not sufficient for string |
| CWE‑682 | C++ | cpp/overflow-destination | Copy function using source size |
| CWE‑682 | C++ | cpp/static-buffer-overflow | Static array access may cause overflow |
| CWE‑682 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑682 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑682 | C++ | cpp/ambiguously-signed-bit-field | Ambiguously signed bit-field member |
| CWE‑682 | C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE‑682 | C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE‑682 | C++ | cpp/signed-overflow-check | Signed overflow check |
| CWE‑682 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑682 | C++ | cpp/suspicious-sizeof | Suspicious 'sizeof' use |
| CWE‑682 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑682 | C++ | cpp/tainted-arithmetic | User-controlled data in arithmetic expression |
| CWE‑682 | C++ | cpp/uncontrolled-arithmetic | Uncontrolled data in arithmetic expression |
| CWE‑682 | C++ | cpp/arithmetic-with-extreme-values | Use of extreme values in arithmetic expression |
| CWE‑682 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑682 | C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE‑682 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑682 | C++ | cpp/unsigned-difference-expression-compared-zero | Unsigned difference expression compared to zero |
| CWE‑682 | C++ | cpp/suspicious-pointer-scaling | Suspicious pointer scaling |
| CWE‑682 | C++ | cpp/incorrect-pointer-scaling-char | Suspicious pointer scaling to char |
| CWE‑682 | C++ | cpp/suspicious-pointer-scaling-void | Suspicious pointer scaling to void |
| CWE‑682 | C++ | cpp/suspicious-add-sizeof | Suspicious add with sizeof |
| CWE‑682 | C++ | cpp/multiplication-overflow-in-alloc | Multiplication result may overflow and be used in allocation |
| CWE‑682 | C++ | cpp/dangerous-use-of-transformation-after-operation | Dangerous use of transformation after operation. |
| CWE‑682 | C++ | cpp/signed-bit-field | Possible signed bit-field member |
| CWE‑685 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑685 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑686 | C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE‑687 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑691 | C++ | cpp/assign-where-compare-meant | Assignment where comparison was intended |
| CWE‑691 | C++ | cpp/compare-where-assign-meant | Comparison where assignment was intended |
| CWE‑691 | C++ | cpp/incorrect-not-operator-usage | Incorrect 'not' operator usage |
| CWE‑691 | C++ | cpp/logical-operator-applied-to-flag | Short-circuiting operator applied to flag |
| CWE‑691 | C++ | cpp/inconsistent-loop-direction | Inconsistent direction of for loop |
| CWE‑691 | C++ | cpp/unsafe-use-of-this | Unsafe use of this in constructor |
| CWE‑691 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑691 | C++ | cpp/toctou-race-condition | Time-of-check time-of-use filesystem race condition |
| CWE‑691 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑691 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑691 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑691 | C++ | cpp/infinite-loop-with-unsatisfiable-exit-condition | Infinite loop with unsatisfiable exit condition |
| CWE‑691 | C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE‑691 | C++ | cpp/errors-after-refactoring | Errors After Refactoring |
| CWE‑691 | C++ | cpp/errors-when-using-bit-operations | Errors When Using Bit Operations |
| CWE‑691 | C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE‑691 | C++ | cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations | Operator Precedence Logic Error When Use Bitwise Or Logical Operations |
| CWE‑691 | C++ | cpp/operator-precedence-logic-error-when-use-bool-type | Operator Precedence Logic Error When Use Bool Type |
| CWE‑693 | C++ | cpp/boost/tls-settings-misconfiguration | Boost_asio TLS Settings Misconfiguration |
| CWE‑693 | C++ | cpp/boost/use-of-deprecated-hardcoded-security-protocol | boost::asio Use of deprecated hardcoded Protocol |
| CWE‑693 | C++ | cpp/count-untrusted-data-external-api | Frequency counts for external APIs that are used with untrusted data |
| CWE‑693 | C++ | cpp/count-untrusted-data-external-api-ir | Frequency counts for external APIs that are used with untrusted data |
| CWE‑693 | C++ | cpp/untrusted-data-to-external-api-ir | Untrusted data passed to external API |
| CWE‑693 | C++ | cpp/untrusted-data-to-external-api | Untrusted data passed to external API |
| CWE‑693 | C++ | cpp/uncontrolled-process-operation | Uncontrolled process operation |
| CWE‑693 | C++ | cpp/unclear-array-index-validation | Unclear validation of array index |
| CWE‑693 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑693 | C++ | cpp/user-controlled-bypass | Authentication bypass by spoofing |
| CWE‑693 | C++ | cpp/certificate-result-conflation | Certificate result conflation |
| CWE‑693 | C++ | cpp/certificate-not-checked | Certificate not checked |
| CWE‑693 | C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE‑693 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑693 | C++ | cpp/cleartext-transmission | Cleartext transmission of sensitive information |
| CWE‑693 | C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE‑693 | C++ | cpp/non-https-url | Failure to use HTTPS URLs |
| CWE‑693 | C++ | cpp/insufficient-key-size | Use of a cryptographic algorithm with insufficient key size |
| CWE‑693 | C++ | cpp/weak-cryptographic-algorithm | Use of a broken or risky cryptographic algorithm |
| CWE‑693 | C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE‑693 | C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE‑693 | C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE‑693 | C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE‑693 | C++ | cpp/tainted-permissions-check | Untrusted input for a condition |
| CWE‑693 | C++ | cpp/late-check-of-function-argument | Late Check Of Function Argument |
| CWE‑693 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑693 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑697 | C++ | cpp/missing-case-in-switch | Missing enum case in switch |
| CWE‑697 | C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE‑703 | C++ | cpp/return-value-ignored | Return value of a function is ignored |
| CWE‑703 | C++ | cpp/inconsistent-call-on-result | Inconsistent operation on return value |
| CWE‑703 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑703 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑703 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑703 | C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE‑703 | C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE‑703 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑703 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑703 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑703 | C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE‑703 | C++ | cpp/improper-check-return-value-scanf | Improper check of return value of scanf |
| CWE‑704 | C++ | cpp/bad-addition-overflow-check | Bad check for overflow of integer addition |
| CWE‑704 | C++ | cpp/integer-multiplication-cast-to-long | Multiplication result converted to larger type |
| CWE‑704 | C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE‑704 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑704 | C++ | cpp/integer-overflow-tainted | Potential integer arithmetic overflow |
| CWE‑704 | C++ | cpp/incorrect-string-type-conversion | Cast from char to wchar_t |
| CWE‑705 | C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE‑706 | C++ | cpp/path-injection | Uncontrolled data used in path expression |
| CWE‑707 | C++ | cpp/non-constant-format | Non-constant format string |
| CWE‑707 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑707 | C++ | cpp/improper-null-termination | Potential improper null termination |
| CWE‑707 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑707 | C++ | cpp/command-line-injection | Uncontrolled data used in OS command |
| CWE‑707 | C++ | cpp/cgi-xss | CGI script vulnerable to cross-site scripting |
| CWE‑707 | C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE‑707 | C++ | cpp/tainted-format-string | Uncontrolled format string |
| CWE‑707 | C++ | cpp/tainted-format-string-through-global | Uncontrolled format string (through global variable) |
| CWE‑707 | C++ | cpp/user-controlled-null-termination-tainted | User-controlled data may not be null terminated |
| CWE‑710 | C++ | cpp/unused-local-variable | Unused local variable |
| CWE‑710 | C++ | cpp/unused-static-function | Unused static function |
| CWE‑710 | C++ | cpp/unused-static-variable | Unused static variable |
| CWE‑710 | C++ | cpp/dead-code-condition | Branching condition always evaluates to same value |
| CWE‑710 | C++ | cpp/dead-code-function | Function is never called |
| CWE‑710 | C++ | cpp/dead-code-goto | Dead code due to goto or break statement |
| CWE‑710 | C++ | cpp/inconsistent-nullness-testing | Inconsistent null check of pointer |
| CWE‑710 | C++ | cpp/missing-null-test | Returned pointer not checked |
| CWE‑710 | C++ | cpp/unused-variable | Variable is assigned a value that is never read |
| CWE‑710 | C++ | cpp/fixme-comment | FIXME comment |
| CWE‑710 | C++ | cpp/todo-comment | TODO comment |
| CWE‑710 | C++ | cpp/inconsistent-null-check | Inconsistent nullness check |
| CWE‑710 | C++ | cpp/redundant-null-check-simple | Redundant null check due to previous dereference |
| CWE‑710 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑710 | C++ | cpp/wrong-number-format-arguments | Too few arguments to formatting function |
| CWE‑710 | C++ | cpp/wrong-type-format-argument | Wrong type of arguments to formatting function |
| CWE‑710 | C++ | cpp/useless-expression | Expression has no effect |
| CWE‑710 | C++ | cpp/pointer-overflow-check | Pointer overflow check |
| CWE‑710 | C++ | cpp/bad-strncpy-size | Possibly wrong buffer size in string copy |
| CWE‑710 | C++ | cpp/suspicious-call-to-memset | Suspicious call to memset |
| CWE‑710 | C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE‑710 | C++ | cpp/unsafe-strcat | Potentially unsafe use of strcat |
| CWE‑710 | C++ | cpp/too-few-arguments | Call to function with fewer arguments than declared parameters |
| CWE‑710 | C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE‑710 | C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE‑710 | C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE‑710 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑710 | C++ | cpp/dangerous-function-overflow | Use of dangerous function |
| CWE‑710 | C++ | cpp/dangerous-cin | Dangerous use of 'cin' |
| CWE‑710 | C++ | cpp/potentially-dangerous-function | Use of potentially dangerous function |
| CWE‑710 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑710 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑710 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑710 | C++ | cpp/redundant-null-check-param | Redundant null check or missing null check of parameter |
| CWE‑710 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑710 | C++ | cpp/wrong-use-of-the-umask | Find the wrong use of the umask function. |
| CWE‑710 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑710 | C++ | cpp/operator-find-incorrectly-used-switch | Incorrect switch statement |
| CWE‑710 | C++ | cpp/double-release | Errors When Double Release |
| CWE‑710 | C++ | cpp/errors-of-undefined-program-behavior | Errors Of Undefined Program Behavior |
| CWE‑732 | C++ | cpp/world-writable-file-creation | File created without restricting permissions |
| CWE‑732 | C++ | cpp/open-call-with-mode-argument | File opened with O_CREAT flag but without mode argument |
| CWE‑732 | C++ | cpp/unsafe-dacl-security-descriptor | Setting a DACL to NULL in a SECURITY_DESCRIPTOR |
| CWE‑733 | C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE‑754 | C++ | cpp/return-value-ignored | Return value of a function is ignored |
| CWE‑754 | C++ | cpp/inconsistent-call-on-result | Inconsistent operation on return value |
| CWE‑754 | C++ | cpp/overflowing-snprintf | Potentially overflowing call to snprintf |
| CWE‑754 | C++ | cpp/ignore-return-value-sal | SAL requires inspecting return value |
| CWE‑754 | C++ | cpp/hresult-boolean-conversion | Cast between HRESULT and a Boolean type |
| CWE‑754 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑754 | C++ | cpp/work-with-changing-working-directories | Find work with changing working directories, with security errors. |
| CWE‑754 | C++ | cpp/drop-linux-privileges-outoforder | LinuxPrivilegeDroppingOutoforder |
| CWE‑754 | C++ | cpp/improper-check-return-value-scanf | Improper check of return value of scanf |
| CWE‑755 | C++ | cpp/incorrect-allocation-error-handling | Incorrect allocation-error handling |
| CWE‑755 | C++ | cpp/operator-find-incorrectly-used-exceptions | Operator Find Incorrectly Used Exceptions |
| CWE‑758 | C++ | cpp/pointer-overflow-check | Pointer overflow check |
| CWE‑758 | C++ | cpp/memset-may-be-deleted | Call to memset may be deleted |
| CWE‑758 | C++ | cpp/errors-of-undefined-program-behavior | Errors Of Undefined Program Behavior |
| CWE‑764 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑764 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑764 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑770 | C++ | cpp/alloca-in-loop | Call to alloca in a loop |
| CWE‑770 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑772 | C++ | cpp/catch-missing-free | Leaky catch |
| CWE‑772 | C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE‑772 | C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE‑772 | C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE‑772 | C++ | cpp/file-never-closed | Open file is not closed |
| CWE‑772 | C++ | cpp/memory-may-not-be-freed | Memory may not be freed |
| CWE‑772 | C++ | cpp/memory-never-freed | Memory is never freed |
| CWE‑772 | C++ | cpp/new-free-mismatch | Mismatching new/free or malloc/delete |
| CWE‑772 | C++ | cpp/memory-leak-on-failed-call-to-realloc | Memory leak on failed call to realloc |
| CWE‑775 | C++ | cpp/descriptor-may-not-be-closed | Open descriptor may not be closed |
| CWE‑775 | C++ | cpp/descriptor-never-closed | Open descriptor never closed |
| CWE‑775 | C++ | cpp/file-may-not-be-closed | Open file may not be closed |
| CWE‑775 | C++ | cpp/file-never-closed | Open file is not closed |
| CWE‑783 | C++ | cpp/operator-precedence-logic-error-when-use-bitwise-logical-operations | Operator Precedence Logic Error When Use Bitwise Or Logical Operations |
| CWE‑783 | C++ | cpp/operator-precedence-logic-error-when-use-bool-type | Operator Precedence Logic Error When Use Bool Type |
| CWE‑787 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑787 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑787 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑787 | C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE‑787 | C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE‑787 | C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE‑787 | C++ | cpp/unbounded-write | Unbounded write |
| CWE‑787 | C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE‑787 | C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE‑787 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑787 | C++ | cpp/sign-conversion-pointer-arithmetic | unsigned to signed used in pointer arithmetic |
| CWE‑788 | C++ | cpp/allocation-too-small | Not enough memory allocated for pointer type |
| CWE‑788 | C++ | cpp/suspicious-allocation-size | Not enough memory allocated for array of pointer type |
| CWE‑788 | C++ | cpp/unsafe-strncat | Potentially unsafe call to strncat |
| CWE‑788 | C++ | cpp/overflow-buffer | Call to memory access function may overflow buffer |
| CWE‑788 | C++ | cpp/unterminated-variadic-call | Unterminated variadic call |
| CWE‑788 | C++ | cpp/no-space-for-terminator | No space for zero terminator |
| CWE‑788 | C++ | cpp/openssl-heartbleed | Use of a version of OpenSSL with Heartbleed |
| CWE‑788 | C++ | cpp/access-memory-location-after-end-buffer-strlen | Access Of Memory Location After End Of Buffer |
| CWE‑789 | C++ | cpp/uncontrolled-allocation-size | Overflow in uncontrolled allocation size |
| CWE‑805 | C++ | cpp/badly-bounded-write | Badly bounded write |
| CWE‑805 | C++ | cpp/overrunning-write | Potentially overrunning write |
| CWE‑805 | C++ | cpp/overrunning-write-with-float | Potentially overrunning write with float to string conversion |
| CWE‑805 | C++ | cpp/unbounded-write | Unbounded write |
| CWE‑805 | C++ | cpp/very-likely-overrunning-write | Likely overrunning write |
| CWE‑807 | C++ | cpp/tainted-permissions-check | Untrusted input for a condition |
| CWE‑823 | C++ | cpp/late-negative-test | Pointer offset used before it is checked |
| CWE‑823 | C++ | cpp/missing-negativity-test | Unchecked return value used as offset |
| CWE‑825 | C++ | cpp/use-after-free | Potential use after free |
| CWE‑825 | C++ | cpp/return-stack-allocated-memory | Returning stack-allocated memory |
| CWE‑825 | C++ | cpp/using-expired-stack-address | Use of expired stack-address |
| CWE‑825 | C++ | cpp/double-free | Errors When Double Free |
| CWE‑826 | C++ | cpp/self-assignment-check | Self assignment check |
| CWE‑833 | C++ | cpp/lock-order-cycle | Cyclic lock order dependency |
| CWE‑833 | C++ | cpp/twice-locked | Mutex locked twice |
| CWE‑833 | C++ | cpp/unreleased-lock | Lock may not be released |
| CWE‑834 | C++ | cpp/inconsistent-loop-direction | Inconsistent direction of for loop |
| CWE‑834 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑834 | C++ | cpp/infinite-loop-with-unsatisfiable-exit-condition | Infinite loop with unsatisfiable exit condition |
| CWE‑835 | C++ | cpp/inconsistent-loop-direction | Inconsistent direction of for loop |
| CWE‑835 | C++ | cpp/comparison-with-wider-type | Comparison of narrow type with wide type in loop condition |
| CWE‑835 | C++ | cpp/infinite-loop-with-unsatisfiable-exit-condition | Infinite loop with unsatisfiable exit condition |
| CWE‑843 | C++ | cpp/upcast-array-pointer-arithmetic | Upcast array used in pointer arithmetic |
| CWE‑908 | C++ | cpp/improper-check-return-value-scanf | Improper check of return value of scanf |
| CWE‑909 | C++ | cpp/initialization-not-run | Initialization code not run |
| CWE‑922 | C++ | cpp/cleartext-storage-buffer | Cleartext storage of sensitive information in buffer |
| CWE‑922 | C++ | cpp/cleartext-storage-file | Cleartext storage of sensitive information in file |
| CWE‑922 | C++ | cpp/cleartext-storage-database | Cleartext storage of sensitive information in an SQLite database |
| CWE‑943 | C++ | cpp/sql-injection | Uncontrolled data in SQL query |
| CWE‑1041 | C++ | cpp/call-to-function-without-wrapper | Missed opportunity to call wrapper function |
| CWE‑1126 | C++ | cpp/errors-when-using-variable-declaration-inside-loop | Errors When Using Variable Declaration Inside Loop |

