Skip to main content
Cybersecurity

Table 3 Common weakness enumeration used in Sifu challenges

From: Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach

CWE

Ref.

Related SCG

Description

CWE-14

(MITRE 2020a)

MSC06-C

Compiler Removal of Code to Clear Buffers

CWE-77

(MITRE 2020b)

ENV33-C

Improper Neutralization of Special Elements used in a Command

CWE-121

(MITRE 2020c)

ARR38-C STR31-C

Stack-based Buffer Overflow

CWE-242

(MITRE 2020d)

POS33-C

Use of Inherently Dangerous Function

CWE-338

(MITRE 2020e)

MSC30-C

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

CWE-676

(MITRE 2020f)

CON33-C ENV33-C

 
  

ERR07-C ERR34-C

Use of Potentially Dangerous Function

  

FIO01-C MSC30-C

 
  

STR31-C

 

CWE-758

(MITRE 2020g)

ARR32-C ERR34-C

 
  

EXP30-C EXP33-C

 
  

FIO46-C INT34-C

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

  

INT36-C MEM30-C

 
  

MSC14-C MSC15-C

 
  

MSC37-C

 
  1. CWE: Common Weakness Enumeration, SCG.: SEI-CERT Secure Coding Guideline
Back to article page