The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

The software specifies a regular expression in a way that causes data to be improperly matched or compared.

Weaknesses in this category are related to improper handling of communication channels and access paths.

The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution

The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
© 2013 SecPod Technologies