[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.

The software does not correctly calculate the length of strings that can contain wide or multi-byte characters.

Weaknesses in this category are caused by improper data type transformation or improper handling of multiple data types.

Weaknesses in this category are introduced when inserting or converting data from one representation into another.

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component.

This entry has been deprecated. It is a leftover from PLOVER, but CWE-138 is a more appropriate mapping.

Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka "dead store removal."

The software does not neutralize or incorrectly neutralizes delimiters.

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component.

The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as value delimiters when they are sent to a downstream component.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies