The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
The software provides an Application Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
The product stores sensitive information in files or directories that are accessible to actors outside of the intended control sphere.
Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.
The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Weaknesses in this category are typically introduced during code development, including specification, design, and implementation.
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
The software does not encrypt sensitive or critical information before storage or transmission.