|Paid content will be excluded from the download.
| Matches : 909
|The software does not restrict or incorrectly restricts access
to a resource from an unauthorized actor.
Software security is not security software. Here we're
concerned with topics like authentication, access control, confidentiality,
cryptography, and privilege management.
Weaknesses in this category are typically introduced during the
configuration of the software.
The program does not release or incorrectly releases a resource
before it is made available for re-use.
The software may use insufficiently random numbers or values in
a security context that depends on unpredictable numbers.
The software does not restrict or incorrectly restricts
operations within the boundaries of a resource that is accessed using an index
or pointer, such as memory or files.
The software does not properly verify that the source of data
or communication is valid.
The software does not properly neutralize special elements that
are used in XML, allowing attackers to modify the syntax, content, or commands
of the XML before it is processed by an end system.
The product uses a search path that contains an unquoted
element, in which the element contains whitespace or other separators. This can
cause the product to access resources in a parent path.
The product uses a fixed or controlled search path to find
resources, but one or more locations in that path can be under the control of
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies