[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125989

 
 

909

 
 

104881

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

The software writes data past the end, or before the beginning, of the intended buffer.

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Weaknesses in this category are related to the management of credentials.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies