[Forgot Password]
Login  Register Subscribe

24547

 
 

132176

 
 

122448

 
 

909

 
 

100878

 
 

148

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

This tries to cover various problems in which improper data are included within a "container."

Weaknesses in this category are related to improper calculation or conversion of numbers.

The software writes data past the end, or before the beginning, of the intended buffer.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Weaknesses in this category are related to improper management of system resources.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies