Common Weakness Enumeration
What is Common Weakness Enumeration (CWE™)?
Examples of Software Weaknesses:
• Buffer overflows, format strings, etc.
• Structure and validity problems
• Common special element manipulations
• Channel and path errors
• Handler errors
• User interface errors
• Pathname traversal and equivalence errors
• Authentication errors
• Resource management errors
• Insufficient verification of data
• Code evaluation and injection
• Randomness and predictability
The CWE Top 25 Most Dangerous Software Weaknesses List is a free, easy to use community resource that identifies the most widespread and critical programming errors that can lead to serious software vulnerabilities. These weaknesses are often easy to find, and easy to exploit.
QA-MISRA is a powerful static analyzer that ensures compliance with international coding guidelines, promoting software safety and security. The tool supports CWE rule sets.
With QA-MISRA there are no hidden extras, coding language variants, or compliance module add-ons. It provides a single solution to automatically check your C or C++ source code for compliance against the most common international software safety and security standards.