CWE Research List

This forum is an archive for the mailing list cwe-research-list@lists.mitre.org (more options) Messages posted here will be sent to this mailing list.

CWE Research - A lightly moderated public forum to discuss CWE definitions, suggest potential definition expansion(s), and/or submit new definitions. General discussion of the vulnerabilities themselves is also welcome.
12
Topics (69)
Replies Last Post Views
Request for comment - homophone attacks by Kurt Seifried
18
by Christey, Steven M.
CWE Schema Proposal by Andrew Buttner
1
by Andrew Buttner
Suggestions for Changes to CWE-581 (UNCLASSIFIED) by Hood, Jonathan W CTR...
5
by Hood, Jonathan W CTR...
update for https://cwe.mitre.org/data/definitions/67.html by Kurt Seifried
2
by Kurt Seifried
Request to tidy up CWE-79 / CWE-80 by Kurt Seifried
2
by Harchar, John E [US]...
Request for comment - oauth related CWEs by Kurt Seifried
0
by Kurt Seifried
CWE Version 2.11 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Privacy Policy Change by Andrew Buttner
0
by Andrew Buttner
test by Robert A. Martin
1
by Charles Parker
CWE Taxonomy Mappings by Andrew Buttner
0
by Andrew Buttner
CWE Reuse vs Deprecation by Andrew Buttner
13
by Wheeler, David A
HTTPS Interception Weakens TLS Security by Jeffrey Walton
1
by Andrew Buttner
CWE - request for additional weaknesses by Christey, Steven M.
0
by Christey, Steven M.
CWE Version 2.10 is Released by Andrew Buttner
0
by Andrew Buttner
Planned Changes to the CWE Development View (CWE-699) by Christey, Steven M.
1
by Christey, Steven M.
Last call - Planned Changes to the CWE Development View (CWE-699) by Christey, Steven M.
0
by Christey, Steven M.
Which CWE fields do you find important? by Andrew Buttner
6
by Andrew Buttner
CWE and CAPEC Support in 2017 by Andrew Buttner
0
by Andrew Buttner
CWE 2.8 database by andy
6
by andrew murren
Wording issue in CWE-107 by G. Ann Campbell
0
by G. Ann Campbell
CWE-788: does the extended description contains a mistake ? by Roberto Martelloni
5
by Christey, Steven M.
Rationalize CWE-119 (improper buffer bound restriction) and CWE-120 (classic buffer overflow) by Wheeler, David A
4
by Pascal Meunier
CVE or CWE for using/accepting wrong CA to certify a certificate? by Jeffrey Walton
4
by Jeffrey Walton
CWE 651 by yossi
0
by yossi
CWE for overly permissive crossdomain.xml? by Seth Art
5
by Christey, Steven M.
New CWE listing? by G. Ann Campbell
0
by G. Ann Campbell
OWASP Top 10 by JA
0
by JA
Question about CVE description by Piper, Lesley A
1
by Kurt Seifried
Mailing list unsubscribe messages by Christey, Steven M.
0
by Christey, Steven M.
CWE-73 should be related to CWE-22 by Dave Ferguson
4
by John Lin
Incomplete view: OWASP Top Ten 2013 A1 - Injection by Chris Eng
2
by SerafĂ­n Raya
Re: CWE-459 by rcvalle
0
by rcvalle
Insufficient Comparison (CWE-697) by rcvalle
0
by rcvalle
Use after free by Steve Grubb
13
by Christina
CWE-459 by Steve Grubb
5
by Office of Residentia...
12