[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

The product processes an XML document that can contain XML entities with URLs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Weaknesses in this category are related to the use of cryptography.

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

The software constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.

Weaknesses in this category are related to improper assignment or handling of permissions.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies