|
CWE-276
|
Incorrect Default Permissions
|
|
CWE-285
|
Improper Authorization
|
|
CWE-434
|
Unrestricted Upload of File with Dangerous Type
|
|
CWE-693
|
Protection Mechanism Failure
|
|
CWE-732
|
Incorrect Permission Assignment for Critical Resource
|
|
CWE-1191
|
On-Chip Debug and Test Interface With Improper Access Control
|
|
CWE-1193
|
Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
|
|
CWE-1220
|
Insufficient Granularity of Access Control
|
|
CWE-1297
|
Unprotected Confidential Information on Device is Accessible by OSAT Vendors
|
|
CWE-1311
|
Improper Translation of Security Attributes by Fabric Bridge
|
|
CWE-1314
|
Missing Write Protection for Parametric Data Values
|
|
CWE-1315
|
Improper Setting of Bus Controlling Capability in Fabric End-point
|
|
CWE-1318
|
Missing Support for Security Features in On-chip Fabrics or Buses
|
|
CWE-1320
|
Improper Protection for Outbound Error Messages and Alert Signals
|
|
CWE-1321
|
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
|
CWE-1327
|
Binding to an Unrestricted IP Address
|