Appendix A

2010 CWE/SANS Top 25 Most Dangerous Programming Errors

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and are easy to exploit. They are dangerous because they frequently allow attackers to completely take over the software, steal data, or prevent the software from functioning at all.


The 2010 CWE/SANS Top 25 list is the result of collaboration between the SANS Institute, MITRE, and many top software security experts in the United States and Europe. It leverages experiences in the development of the SANS Top 20 attack vectors and MITRE’s Common Weakness Enumeration ...
