Paid content will be excluded from the download.
Matches : 909
This weakness occurs when the application transmits or stores authentication credentials and uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
The software does not handle or incorrectly handles an exceptional condition.
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
The software does not properly verify that the source of data or communication is valid.
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.
The software does not properly "clean up" and remove temporary or supporting resources after they have been used.
The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
Host-specific certificate data is not validated or is incorrectly validated, so while the certificate read is valid, it may not be for the site originally requested.
The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.