[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

The program dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.

The program releases a resource that is still intended to be used by the program itself or another actor.

The software does not restrict a reference to a Document Type Definition (DTD) to the intended control sphere. This might allow attackers to reference arbitrary DTDs, possibly causing the software to expose files, consume excessive system resources, or execute arbitrary http requests on behalf of the attacker.

The software defines a signal handler that contains code sequences that are not asynchronous-safe, i.e., the functionality is not reentrant, or it can be interrupted.

The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

The software includes web functionality (such as a web widget) from another domain, which causes it to operate within the domain of the software, potentially granting total access and control of the software to the untrusted source.

The software defines a function that is used as a handler for more than one signal.

The software attempts to unlock a resource that is not locked.

Pages:      Start    4    5    6    7    8    9    10    11    12    13    14    15    16    17    ..   90

© SecPod Technologies