[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.

Weaknesses in this category are typically introduced during the configuration of the software.

The program does not release or incorrectly releases a resource before it is made available for re-use.

The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.

The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.

The software does not properly verify that the source of data or communication is valid.

The software does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© 2013 SecPod Technologies