[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Weaknesses in this category are related to the use of cryptography.

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

A Pseudo-Random Number Generator (PRNG) uses seeds incorrectly.

The software uses or specifies an encoding when generating output to a downstream component, but the specified encoding is not the same as the encoding that is expected by the downstream component.

The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on how many resources can be allocated, in violation of the intended security policy for that actor.

The software does not enforce or incorrectly enforces that structured messages or data are well-formed before being read from an upstream component or sent to a downstream component.

Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   90

© SecPod Technologies