A taxonomy for identifying the common sources of software flaws (e.g., buffer overflows, failure to check input data).
Sources:
CNSSI 4009-2015
from
NIST ITL Bulletin, Dec. 2013
NISTIR 8011 Vol. 4
from
CNSSI 4009-2015
A list of known poor coding practices that may be present in software [CWE].
Sources:
NISTIR 8011 Vol. 4
See also, weakness.
Sources:
NISTIR 8011 Vol. 4