|Paid content will be excluded from the download.
| Matches : 909
|The program accesses or uses a pointer that has not been
The software does not properly encode or decode the data,
resulting in unexpected values.
Weaknesses in this category are organized based on which phase
they are introduced during the software development and deployment
The product stores sensitive information in files or
directories that are accessible to actors outside of the intended control
The software does not sufficiently delimit the arguments being
passed to a component in another control sphere, allowing alternate arguments to
be provided, leading to potentially security-relevant
The software does not initialize or incorrectly initializes a
resource, which might leave the resource in an unexpected state when it is
accessed or used.
A product can be used as an intermediary or proxy between an
attacker and the ultimate target, so that the attacker can either bypass access
controls or hide activities.
The product does not properly transfer a resource/behavior to
another sphere, or improperly imports a resource/behavior from another sphere,
in a manner that provides unintended control over that
The software receives input from an upstream component, but it
does not restrict or incorrectly restricts the input before it is used as an
identifier for a resource that may be outside the intended sphere of
The software does not release a file descriptor or handle after
its effective lifetime has ended, i.e., after the file descriptor/handle is no
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies