The software uses externally-controlled format strings in
printf-style functions, which can lead to buffer overflows or data

Weaknesses in this category are related to improper management
of system state.

Information written to log files can be of a sensitive nature
and give valuable guidance to an attacker or expose sensitive user

The software does not correctly convert an object, resource or
structure from one type to a different type.

The software prepares a structured message for communication
with another component, but encoding or escaping of the data is either missing
or done incorrectly. As a result, the intended structure of the message is not

The software uses an algorithm or scheme that produces
insufficient entropy, leaving patterns or clusters of values that are more
likely to occur than others.

The product uses untrusted input when calculating or using an
array index, but the product does not validate or incorrectly validates the
index to ensure the index references a valid position within the array.

The software contains a mechanism for users to recover or
change their passwords without knowing the original password, but the mechanism

The software uses CRLF (carriage return line feeds) as a
special element, e.g. to separate lines or records, but it does not neutralize
or incorrectly neutralizes CRLF sequences from inputs.

The software does not properly verify that the source of data
or communication is valid.
© 2013 SecPod Technologies