Weaknesses in this category are related to the use of cryptography.
The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
An application uses a "blacklist" of prohibited values, but the blacklist is incomplete.
The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
Weaknesses in this category are related to the improper management of time and state in an environment that supports simultaneous or near-simultaneous computation by multiple systems, processes, or threads.
The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.