| Paid content will be excluded from the download. |
|
Filter
|
|
Matches : 909 |
Download
| Alert*
|
The software uses the size of a source buffer when reading from
or writing to a destination buffer, which may cause it to access memory that is
outside of the bounds of the buffer.
The application uses a protection mechanism that relies on the
existence or values of an input, but the input can be modified by an untrusted
actor in a way that bypasses the protection mechanism.
The software utilizes a shared resource in a concurrent manner
but does not attempt to synchronize access to the resource.
The software utilizes a shared resource in a concurrent manner
but it does not correctly synchronize access to the
resource.
The program obtains a value from an untrusted source, converts
this value to a pointer, and dereferences the resulting pointer.
The program performs pointer arithmetic on a valid pointer, but
it uses an offset that can point outside of the intended range of valid memory
locations for the resulting pointer.
The program dereferences a pointer that contains a location for
memory that was previously valid, but is no longer valid.
The program releases a resource that is still intended to be
used by the program itself or another actor.
The software does not restrict a reference to a Document Type
Definition (DTD) to the intended control sphere. This might allow attackers to
reference arbitrary DTDs, possibly causing the software to expose files, consume
excessive system resources, or execute arbitrary http requests on behalf of the
attacker.
The software defines a signal handler that contains code
sequences that are not asynchronous-safe, i.e., the functionality is not
reentrant, or it can be interrupted.
Pages: Start 3 4 5 6 7 8 9 10 11 12 13 14 15 16 .. 90
© 2013 SecPod Technologies
