[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The product, while copying or cloning a resource, does not set the resource's permissions or access control until the copy is complete, leaving the resource exposed to other spheres while the copy is taking place.

The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.

The product uses a blacklist-based protection mechanism to defend against XSS attacks, but the blacklist is incomplete, allowing XSS variants to succeed.

The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

The software uses the size of a source buffer when reading from or writing to a destination buffer, which may cause it to access memory that is outside of the bounds of the buffer.

The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.

The software utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.

The software utilizes a shared resource in a concurrent manner but it does not correctly synchronize access to the resource.

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.


Pages:      Start    3    4    5    6    7    8    9    10    11    12    13    14    15    16    ..   90

© SecPod Technologies