Paid content will be excluded from the download.
Matches : 909
The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Weaknesses in this category are related to errors in the management of cryptographic keys.
The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.
The program accesses or uses a pointer that has not been initialized.
Weaknesses in this category are related to improper calculation or conversion of numbers.
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.