SWC-100 | Function Default Visibility | CWE-710: Improper Adherence to Coding Standards |
SWC-101 | Integer Overflow and Underflow | CWE-682: Incorrect Calculation |
SWC-102 | Outdated Compiler Version | CWE-937: Using Components with Known Vulnerabilities |
SWC-103 | Floating Pragma | CWE-664: Improper Control of a Resource Through its Lifetime |
SWC-104 | Unchecked Call Return Value | CWE-252: Unchecked Return Value |
SWC-105 | Unprotected Ether Withdrawal | CWE-284: Improper Access Control |
SWC-106 | Unprotected SELFDESTRUCT Instruction | CWE-284: Improper Access Control |
SWC-107 | Reentrancy | CWE-841: Improper Enforcement of Behavioral Workflow |
SWC-108 | State Variable Default Visibility | CWE-710: Improper Adherence to Coding Standards |
SWC-109 | Uninitialized Storage Pointer | CWE-824: Access of Uninitialized Pointer |
SWC-110 | Assert Violation | CWE-670: Always-Incorrect Control Flow Implementation |
SWC-111 | Use of Deprecated Solidity Functions | CWE-477: Use of Obsolete Function |
SWC-112 | Delegatecall to Untrusted Callee | CWE-829: Inclusion of Functionality from Untrusted Control Sphere |
SWC-113 | DoS with Failed Call | CWE-703: Improper Check or Handling of Exceptional Conditions |
SWC-114 | Transaction Order Dependence | CWE-362: Race Condition |
SWC-115 | Authorization through tx.origin | CWE-477: Use of Obsolete Function |
SWC-116 | Block values as a proxy for time | CWE-829: Inclusion of Functionality from Untrusted Control Sphere |
SWC-117 | Signature Malleability | CWE-347: Improper Verification of Cryptographic Signature |
SWC-118 | Incorrect Constructor Name | CWE-665: Improper Initialization |
SWC-119 | Shadowing State Variables | CWE-710: Improper Adherence to Coding Standards |
SWC-120 | Weak Sources of Randomness from Chain Attributes | CWE-330: Use of Insufficiently Random Values |
SWC-121 | Missing Protection against Signature Replay Attacks | CWE-347: Improper Verification of Cryptographic Signature |
SWC-122 | Lack of Proper Signature Verification | CWE-345: Insufficient Verification of Data Authenticity |
SWC-123 | Requirement Violation | CWE-573: Improper Following of Specification by Caller |
SWC-124 | Write to Arbitrary Storage Location | CWE-123: Write-what-where Condition |
SWC-125 | Incorrect Inheritance Order | CWE-696: Incorrect Behavior Order |
SWC-126 | Insufficient Gas Griefing | CWE-691: Insufficient Control Flow Management |
SWC-127 | Arbitrary Jump with Function Type Variable | CWE-695: Use of Low-Level Functionality |
SWC-128 | DoS With Block Gas Limit | CWE-400: Uncontrolled Resource Consumption |
SWC-129 | Typographical Error | CWE-480: Use of Incorrect Operator |
SWC-130 | Right-To-Left-Override control character (U+202E) | CWE-451: User Interface (UI) Misrepresentation of Critical Information |
SWC-131 | Presence of unused variables | CWE-1164: Irrelevant Code |
SWC-132 | Unexpected Ether balance | CWE-667: Improper Locking |
SWC-133 | Hash Collisions With Multiple Variable Length Arguments | CWE-294: Authentication Bypass by Capture-replay |
SWC-134 | Message call with hardcoded gas amount | CWE-655: Improper Initialization |
SWC-135 | Code With No Effects | CWE-1164: Irrelevant Code |
SWC-136 | Unencrypted Private Data On-Chain | CWE-767: Access to Critical Private Variable via Public Method |