Software Vulnerability

Memory safety violations
- Buffer overflows and over-reads
- Dangling pointers
~~input validation errors~~
- Format string attacks
- ~~SQL injection~~
- ~~Code injection~~
- ~~E-mail injection~~
- ~~Directory traversal~~
- ~~Cross-site scripting in web applications~~
- ~~HTTP header injection~~
- ~~HTTP response splitting~~
Race conditions
- Time-of-check-to-time-of-use bugs
- ~~Symlink races~~
~~Privilege-confusion bugs~~
- ~~Cross-site request forgery in web applications~~
- ~~Clickjacking~~
- ~~FTP bounce attack~~
Privilege escalation
~~User interface failures~~
- ~~Warning fatigue or user conditioning.~~
- ~~Blaming the Victim Prompting a user to make a security decision without giving the user enough information to answer it~~
- ~~Race Conditions~~
Side-channel attack
- Timing attack

In the above classification of software vulnerabilities, memory safety violations is classified by spatial and temporal memory safety violation.

Buffer Overflow is spatial memory safety violations, while Dangling pointer is temporal memory safety violation. This is a coarse-grained classification for memory safety violations. Detailed classification for memory safety violations is as follows:

Memory safety violations

Array bounds errors
- Buffer overflow
- Buffer over-read
Dynamic memory errors
- Dangling pointer
- Double free
- Invalid free
- Null pointer
Uninitialized variables
- Wild pointer
Out-of-memory errors
- Stack exhaustion
- Heap exhaustion