|Paid content will be excluded from the download.
| Matches : 909
|The software provides an Applications Programming Interface
(API) or similar interface for interaction with external actors, but the
interface includes a dangerous method or function that is not properly
The software constructs all or part of an LDAP query using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
intended LDAP query when it is sent to a downstream
The lack of entropy available for, or used by, a Pseudo-Random
Number Generator (PRNG) can be a stability and security
Host-specific certificate data is not validated or is
incorrectly validated, so while the certificate read is valid, it may not be for
the site originally requested.
The software uses an algorithm or scheme that produces
insufficient entropy, leaving patterns or clusters of values that are more
likely to occur than others.
An algorithm in a product has an inefficient worst-case
computational complexity that may be detrimental to system performance and can
be triggered by an attacker, typically using crafted manipulations that ensure
that the worst case is being reached.
Any condition where the attacker has the ability to write an
arbitrary value to an arbitrary location, often as the result of a buffer
Weaknesses in this category are related to improper handling of
The software can be influenced by an attacker to open more
files than are supported by the system.
The program does not release or incorrectly releases a resource
before it is made available for re-use.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies