
The software implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL.

The program uses an expression in which operator precedence causes incorrect logic to be used.

The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user.

The software invokes a function for normalizing paths or file names, but it provides an output buffer that is smaller than the maximum possible size, such as PATH_MAX.

The software reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.

The software writes data past the end, or before the beginning, of the intended buffer.

The software reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.

The product allocates memory based on an untrusted size value, but it does not validate or incorrectly validates the size, allowing arbitrary amounts of memory to be allocated.

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

The software receives data from an upstream component, but does not filter or incorrectly filters special elements before sending it to a downstream component.



© SecPod Technologies