[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

Weaknesses in this category are related to improper management of system resources.

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Weaknesses in this category are related to the management of credentials.

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies