|Paid content will be excluded from the download.
| Matches : 909
|Certificates should be carefully managed and checked to assure
that data are encrypted with the intended owner's public
A web application accepts a user-controlled input that
specifies a link to an external site, and uses that link in a Redirect. This
simplifies phishing attacks.
The lack of entropy available for, or used by, a Pseudo-Random
Number Generator (PRNG) can be a stability and security
The product subtracts one value from another, such that the
result is less than the minimum allowable integer value, which produces a value
that is not equal to the correct result.
The software contains hard-coded credentials, such as a
password or cryptographic key, which it uses for its own inbound authentication,
outbound communication to external components, or encryption of internal
The web application does not, or can not, sufficiently verify
whether a well-formed, valid, consistent request was intentionally provided by
the user who submitted the request.
The software performs a calculation that can produce an integer
overflow or wraparound, when the logic assumes that the resulting value will
always be larger than the original value. This can introduce other weaknesses
when the calculation is used for resource management or execution
Weaknesses in this category are related to the improper
management of time and state in an environment that supports simultaneous or
near-simultaneous computation by multiple systems, processes, or
Weaknesses in this category are related to improper handling of
communication channels and access paths.
The software attempts to access a file based on the filename,
but it does not properly prevent that filename from identifying a link or
shortcut that resolves to an unintended resource.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies