[Forgot Password]
Login  Register Subscribe

24547

 
 

132803

 
 

127844

 
 

909

 
 

105823

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

Weaknesses in this category are related to the use of cryptography.

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Weaknesses in this category are related to the management of credentials.

The software stores security-critical state information about its users, or the software itself, in a location that is accessible to unauthorized actors.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies