The product uses a blacklist-based protection mechanism to defend against XSS attacks, but the blacklist is incomplete, allowing XSS variants to succeed.
The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
The software uses the size of a source buffer when reading from or writing to a destination buffer, which may cause it to access memory that is outside of the bounds of the buffer.
The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
The software utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
The software utilizes a shared resource in a concurrent manner but it does not correctly synchronize access to the resource.
The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.
The program dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
The program releases a resource that is still intended to be used by the program itself or another actor.