[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

This tries to cover various problems in which improper data are included within a "container."

Weaknesses in this category are related to improper calculation or conversion of numbers.

The software writes data past the end, or before the beginning, of the intended buffer.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Weaknesses in this category are related to improper management of system resources.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies