Paid content will be excluded from the download.
Matches : 909
The software does not verify, or incorrectly verifies, the cryptographic signature for data.
The software does not properly verify that the source of data or communication is valid.
Weaknesses in this category are related to improper handling of communication channels and access paths.
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.
This category includes weaknesses that occur when an application does not properly handle errors that occur during processing.
The software reads data past the end, or before the beginning, of the intended buffer.