Paid content will be excluded from the download.
Matches : 909
Weaknesses in this category are organized based on which phase they are introduced during the software development and deployment process.
The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Weaknesses in this category are related to improper assignment or handling of permissions.
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
The product processes an XML document that can contain XML entities with URLs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.