[Forgot Password]
Login  Register Subscribe

24437

 
 

132035

 
 

118681

 
 

909

 
 

92673

 
 

143

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

Host-specific certificate data is not validated or is incorrectly validated, so while the certificate read is valid, it may not be for the site originally requested.

The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

Weaknesses in this category are typically introduced during code development, including specification, design, and implementation.

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Software that does not appropriately monitor or control resource consumption can lead to adverse system performance.

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

The software specifies a regular expression in a way that causes data to be improperly matched or compared.

The software does not sufficiently delimit the arguments being passed to a component in another control sphere, allowing alternate arguments to be provided, leading to potentially security-relevant changes.

Weaknesses in this category are typically introduced during the configuration of the software.

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies