[Forgot Password]
Login  Register Subscribe

22198

 
 

114826

 
 

85404

 
 

909

 
 

74262

 
 

95

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

The software reads data past the end, or before the beginning, of the intended buffer.

Weaknesses in this category are related to improper management of system resources.

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

The product processes an XML document that can contain XML entities with URLs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2016 SecPod Technologies