Paid content will be excluded from the download.
Matches : 909
The program accesses or uses a pointer that has not been initialized.
The application does not sufficiently restrict access to a log file that is used for debugging.
The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
The software does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.
Weaknesses in this category are related to the improper management of time and state in an environment that supports simultaneous or near-simultaneous computation by multiple systems, processes, or threads.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.
The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
The product stores sensitive information in files or directories that are accessible to actors outside of the intended control sphere.
The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.