[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

140669

 
 

909

 
 

113959

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.

The software reads data past the end, or before the beginning, of the intended buffer.

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

This tries to cover various problems in which improper data are included within a "container."

A product can be used as an intermediary or proxy between an attacker and the ultimate target, so that the attacker can either bypass access controls or hide activities.

Weaknesses in this category are related to improper assignment or handling of permissions.

The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.

The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

The software uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies