[Forgot Password]
Login  Register Subscribe

24003

 
 

131517

 
 

106904

 
 

909

 
 

84902

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.

Weaknesses in this category are related to the improper management of time and state in an environment that supports simultaneous or near-simultaneous computation by multiple systems, processes, or threads.

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

Weaknesses in this category are organized based on which phase they are introduced during the software development and deployment process.

An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.

Weaknesses in this category are related to improper management of system state.

The product does not sufficiently encapsulate critical data or functionality.

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG is not cryptographically strong.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies