[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

123799

 
 

909

 
 

102620

 
 

150

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor.

The software can be influenced by an attacker to open more files than are supported by the system.

An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

The software stores security-critical state information about its users, or the software itself, in a location that is accessible to unauthorized actors.

The program does not release or incorrectly releases a resource before it is made available for re-use.

Weaknesses in this category are typically found within source code.

Weaknesses in this category are organized based on which phase they are introduced during the software development and deployment process.

An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.

Weaknesses in this category can be used to access files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence).


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies