Categories

The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

The software does not properly distinguish between different types of elements in a way that leads to insecure behavior.

The program releases a resource that is still intended to be used by the program itself or another actor.

The software makes resources available to untrusted parties when those resources are only intended to be accessed by the software.

The product allocates memory based on an untrusted size value, but it does not validate or incorrectly validates the size, allowing arbitrary amounts of memory to be allocated.

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize /../ sequences that can resolve to a location that is outside of that directory.

The software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.

The product mixes trusted and untrusted data in the same data structure or structured message.

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

The product uses a scheme that generates numbers or identifiers that are more predictable than required.