
Matches: 909

The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data representation problems.

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

The software writes data past the end, or before the beginning, of the intended buffer.

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

The software does not properly encode or decode the data, resulting in unexpected values.

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Weaknesses in this category are typically introduced during the configuration of the software.


© SecPod Technologies