Paid content will be excluded from the download.
Matches : 909
The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.
Host-specific certificate data is not validated or is incorrectly validated, so while the certificate read is valid, it may not be for the site originally requested.
Weaknesses in this category are related to errors in the management of cryptographic keys.
Weaknesses in this category are related to improper management of system state.
The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.
The application does not sufficiently restrict access to a log file that is used for debugging.
This tries to cover various problems in which improper data are included within a "container."
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.