|Paid content will be excluded from the download.
| Matches : 909
|The program contains a code sequence that can run concurrently
with other code, and the code sequence requires temporary, exclusive access to a
shared resource, but a timing window exists in which the shared resource can be
modified by another code sequence that is operating
The software reads data past the end, or before the beginning,
of the intended buffer.
Weaknesses in this category are related to the use of
Authenticating a user, or otherwise establishing a new user
session, without invalidating any existing session identifier gives an attacker
the opportunity to steal authenticated sessions.
Certificates should be carefully managed and checked to assure
that data are encrypted with the intended owner's public
The software performs operations on a memory buffer, but it can
read from or write to a memory location that is outside of the intended boundary
of the buffer.
An information exposure is the intentional or unintentional
disclosure of information to an actor that is not explicitly authorized to have
access to that information.
Weaknesses in this category are related to the management of
permissions, privileges, and other security features that are used to perform
The software constructs all or part of an OS command using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
intended OS command when it is sent to a downstream
The web application does not, or can not, sufficiently verify
whether a well-formed, valid, consistent request was intentionally provided by
the user who submitted the request.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2016 SecPod Technologies