|Paid content will be excluded from the download.
| Matches : 909
|The software does not implement or incorrectly implements one
or more security-relevant checks as specified by the design of a standardized
algorithm, protocol, or technique.
Host-specific certificate data is not validated or is
incorrectly validated, so while the certificate read is valid, it may not be for
the site originally requested.
The product does not use or incorrectly uses a protection
mechanism that provides sufficient defense against directed attacks against the
The software constructs all or part of an OS command using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
intended OS command when it is sent to a downstream
Weaknesses in this category are related to improper handling of
The product uses untrusted input when calculating or using an
array index, but the product does not validate or incorrectly validates the
index to ensure the index references a valid position within the array.
The software contains a mechanism for users to recover or
change their passwords without knowing the original password, but the mechanism
The software contains hard-coded credentials, such as a
password or cryptographic key, which it uses for its own inbound authentication,
outbound communication to external components, or encryption of internal
Weaknesses in this category are related to improper calculation
or conversion of numbers.
Weaknesses in this category are typically introduced during
code development, including specification, design, and
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90
© 2013 SecPod Technologies