[Forgot Password]
Login  Register Subscribe

24547

 
 

132804

 
 

129887

 
 

909

 
 

106711

 
 

152

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Weaknesses in this category are related to improper handling of sensitive information.

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

Weaknesses in this category are related to the use of cryptography.

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies