Paid content will be excluded from the download.
Matches : 909
The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Files or directories are accessible in the environment that should not be.
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
The software does not handle or incorrectly handles an exceptional condition.
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.