[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

124222

 
 

909

 
 

106938

 
 

150

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software does not correctly convert an object, resource or structure from one type to a different type.

The software writes data past the end, or before the beginning, of the intended buffer.

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

Weaknesses in this category are related to the use of cryptography.

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies