[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 909 Download | Alert*

This weakness occurs when the application transmits or stores authentication credentials and uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

The product does not properly control the amount of recursion that takes place, which consumes excessive resources, such as allocated memory or the program stack.

The software uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.

The application attempts to return a memory resource to the system, but calls the wrong release function or calls the appropriate release function incorrectly.

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

The software does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

The software does not sufficiently delimit the arguments being passed to a component in another control sphere, allowing alternate arguments to be provided, leading to potentially security-relevant changes.

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies