[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Weaknesses in this category are related to the use of cryptography.

Weaknesses in this category are related to improper management of system resources.

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Weaknesses in this category are related to improper calculation or conversion of numbers.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies