Paid content will be excluded from the download.
Matches : 909
Weaknesses in this category are related to improper management of system resources.
The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.
The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
This category includes weaknesses that occur when an application does not properly handle errors that occur during processing.
Weaknesses in this category are typically introduced during code development, including specification, design, and implementation.