Common Weakness Enumeration (CWE) is an encyclopedia of over 600 types of software weaknesses. Some of the classes are buffer overflow, directory traversal, OS command injection, race condition, cross-site scripting, hard-coded password and insecure random numbers. CWE is a widely used compilation that has gone through many iterations, and many tools and projects are based on it. Each CWE entry carries a variety of information, such as a description summary, extended description, white-box definition, consequences, examples, background details and other notes, recorded occurrences (Common Vulnerabilities and Exposures, or CVE), mitigations, relations to other CWEs, and references.
Software Fault Patterns (SFP) cluster CWEs into related weakness categories. Each cluster is factored into formally defined attributes, such as sites, footholds, conditions, properties, sources and sinks. This factoring overcomes the problem that individual CWEs combine attributes in irregular ways: the SFP factored attributes are clearer than the uneven coverage of the CWEs they group.
The NSA Center for Assured Software (CAS) defines a set of Weakness Classes in its “Static Analysis Tool Study - Methodology”.
The Software State-of-the-Art Resources (SOAR) Matrix defines and describes a process for selecting and using appropriate analysis tools and techniques when evaluating software for software (security) assurance. In particular, it identifies the types of tools and techniques available for evaluating software, as well as the following technical objectives that those tools and techniques can meet:
The SEI CERT C Coding Standard defines the following “rules for secure coding in the C programming language”, with the goal “to develop safe, reliable, and secure systems, for example by eliminating undefined behaviors that can lead to undefined program behaviors and exploitable vulnerabilities”.
The Common Vulnerabilities and Exposures (CVE) is “a dictionary of publicly known information security vulnerabilities and exposures”. “CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.”
The Open Web Application Security Project (OWASP) defines 20 categories of vulnerabilities.
The Common Attack Pattern Enumeration and Classification (CAPEC) “is a comprehensive dictionary and classification taxonomy of known attacks that can be used by analysts, developers, testers, and educators to advance community understanding and enhance defenses”.
ISO/IEC JTC 1/SC 22/WG 23 is working on a Technical Report (TR) that includes a “taxonomic hierarchy of vulnerabilities”, giving each vulnerability an arbitrary three-letter code. The general part, TR 24772-1, applies to all languages. There are many supplements, one for each language, for example TR 24772-2 for Ada, TR 24772-3 for C, and TR 24772-9 for C++.