
The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

The program does not release or incorrectly releases a resource before it is made available for re-use.

The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

The software specifies a regular expression in a way that causes data to be improperly matched or compared.

The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.

An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.

Weaknesses in this category are typically found within source code.

The software uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG is not cryptographically strong.



© SecPod Technologies