Categories

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

The software does not properly protect an assumed-immutable element from being modified by an attacker.

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication.

Environmental variables may contain sensitive information about a remote server.

The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.

The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that requests.

The product does not sufficiently compartmentalize functionality or processes that require different privilege levels, rights, or permissions.

Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.