Other Classifications

Common Weakness Enumeration (CWE)

Software Fault Patterns (SFP)

Semantic Templates (ST)

  1. The software faults that lead to a weakness.
  2. The resources that a weakness affects.
  3. The weakness attributes.
  4. The consequences/failures resulting from the weakness."

The NSA Center for Assured Software (CAS)

Software State-of-the-Art Resources (SOAR)

SEI CERT C Coding Standard

Common Vulnerabilities and Exposures (CVE)

Open Web Application Security Project (OWASP)

Common Attack Pattern Enumeration and Classification (CAPEC)

ISO/IEC JTC1/SC22/WG23 Technical Report