|Paid content will be excluded from the download.
| Matches : 909
|When malformed or abnormal HTTP requests are interpreted by one
or more entities in the data flow between the user and the web server, such as a
proxy or firewall, they can be interpreted inconsistently, allowing the attacker
to "smuggle" a request to one device without the other device being aware of
The software stores or transmits sensitive data using an
encryption scheme that is theoretically sound, but is not strong enough for the
level of protection required.
The software does not check or improperly checks for unusual or
exceptional conditions that are not expected to occur frequently during day to
day operation of the software.
The software does not perform any authentication for
functionality that requires a provable user identity or consumes a significant
amount of resources.
The product uses a search path that contains an unquoted
element, in which the element contains whitespace or other separators. This can
cause the product to access resources in a parent path.
The product does not sufficiently encapsulate critical data or
Weaknesses in this category are typically found within source
The software can be influenced by an attacker to open more
files than are supported by the system.
The program does not release or incorrectly releases a resource
before it is made available for re-use.
The software may use insufficiently random numbers or values in
a security context that depends on unpredictable numbers.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies