[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125990

 
 

909

 
 

104883

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

The product processes an XML document that can contain XML entities with URLs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

Weaknesses in this category are related to improper management of system resources.

The software does not verify, or incorrectly verifies, the cryptographic signature for data.

This tries to cover various problems in which improper data are included within a "container."

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies