[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108684

 
 

909

 
 

85446

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

Weaknesses in this category are related to improper management of system resources.

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Weaknesses in this category are related to the management of credentials.

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies