[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

The software stores security-critical state information about its users, or the software itself, in a location that is accessible to unauthorized actors.

The program does not release or incorrectly releases a resource before it is made available for re-use.

Weaknesses in this category are typically found within source code.

Weaknesses in this category are organized based on which phase they are introduced during the software development and deployment process.

The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.

An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.

Weaknesses in this category can be used to access files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence).

Weaknesses in this category are related to improper handling of sensitive information.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies