Weaknesses in this category are related to errors in the management of cryptographic keys.

The software writes data past the end, or before the beginning, of the intended buffer.

An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.

The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.



© 2013 SecPod Technologies