[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125989

 
 

909

 
 

104881

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.

The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Weaknesses in this category are typically introduced during the configuration of the software.

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies