[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.

Weaknesses in this category are related to improper management of system state.

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

The software does not correctly convert an object, resource or structure from one type to a different type.

The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

The software does not properly verify that the source of data or communication is valid.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies