[Forgot Password]
Login  Register Subscribe

24544

 
 

132176

 
 

121593

 
 

909

 
 

100139

 
 

148

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

Weaknesses in this category are related to improper handling of data within protection mechanisms that attempt to perform neutralization for untrusted data.

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.

The program accesses or uses a pointer that has not been initialized.

The application does not sufficiently restrict access to a log file that is used for debugging.

The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies