Matches: 909

The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.

Weaknesses in this category are related to improper management of system state.

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

The software does not correctly convert an object, resource or structure from one type to a different type.

The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

The software does not properly verify that the source of data or communication is valid.

© 2013 SecPod Technologies