[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

251139

 
 

909

 
 

196159

 
 

282

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used.

Weaknesses in this category are related to improper handling of sensitive information.

Weaknesses in this category are typically introduced during unexpected environmental conditions.

The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

This view (slice) covers all the elements in CWE.

The accidental exposure of sensitive information through sent data refers to the transmission of data which are either sensitive in and of itself or useful in the further exploitation of the system through standard data channels.

When trying to keep information confidential, an attacker can often infer some of the information by using statistics.

The product behaves differently or sends different responses in a way that exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

The software provides different responses to incoming requests in a way that allows an actor to determine system state information that is outside of that actor's control sphere.


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   90

© SecPod Technologies