[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

140669

 
 

909

 
 

113959

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The product stores sensitive information in files or directories that are accessible to actors outside of the intended control sphere.

The product does not properly control the amount of recursion that takes place, which consumes excessive resources, such as allocated memory or the program stack.

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

This category includes weaknesses that occur when an application does not properly handle errors that occur during processing.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies