[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

137225

 
 

909

 
 

112105

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.

Weaknesses in this category are related to improper handling of data within protection mechanisms that attempt to perform neutralization for untrusted data.

An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

The software does not enforce or incorrectly enforces that structured messages or data are well-formed before being read from an upstream component or sent to a downstream component.

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Weaknesses in this category are typically found in functionality that processes data.

Weaknesses in this category are related to the use of cryptography.


Pages:      Start    4    5    6    7    8    9    10    11    12    13    14    15    16    17    ..   90

© SecPod Technologies