A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to improper calculation or conversion of numbers.
The product divides a value by zero.
The code performs a comparison such as an equality test between two float (floating point) values, but it uses comparison operators that do not account...
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting va...
Integer coercion refers to a set of flaws pertaining to the type casting, extension, or truncation of primitive data types.
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the ...
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the co...
The program checks a value to ensure that it is less than or equal to a maximum, but it does not also verify that the value is greater than or equal to the minimum.
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
The software receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causin...
Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.
This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development l...