Paid content will be excluded from the download.
Matches : 909
Weaknesses in this category are typically found within source code.
The software validates input before it is canonicalized, which prevents the software from detecting data that becomes invalid after the canonicalization step.
The software validates data before it has been filtered, which prevents the software from detecting data that becomes invalid after the filtering step.
The software filters data in a way that causes it to be reduced or "collapsed" into an unsafe value that violates an expected security property.
An application uses a "whitelist" of acceptable values, but the whitelist includes at least one unsafe value, leading to resultant weaknesses.
An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.
The software specifies a regular expression in a way that causes data to be improperly matched or compared.
A regular expression is overly restrictive, which prevents dangerous values from being detected.
The software performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses.
The software makes invalid assumptions about how protocol data or memory is organized at a lower level, resulting in unintended program behavior.