Beyond security
Language
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
Vulnerabilities classified by CWE type
Allows attackers to inject malicious scripts into web pages viewed by users.
Writing data beyond allocated buffer boundaries.
Allows attackers to execute malicious SQL statements in database queries.
Failing to properly validate user input before processing.
Unintentional disclosure of sensitive information.
Forces users to execute unwanted actions on authenticated sessions.
Not checking if user has permission for requested action.
Allows access to files outside the intended directory.
Reading data outside the intended memory buffer boundaries.
Writing data outside the intended memory buffer boundaries.
Referencing memory after it has been freed, leading to crashes or code execution.
Dereferencing a null pointer causes crashes or undefined behavior.
Allows injection and execution of malicious code.
Allows execution of arbitrary operating system commands.
Failing to properly verify user identity.
Allows uploading of dangerous file types to the server.
Arithmetic operations exceed the maximum integer value.
Deserializing untrusted data can lead to code execution.
Allows execution of arbitrary system commands.
Copying data without checking destination buffer size.
Allows exhaustion of system resources (DoS).
Server can be tricked into making requests to internal resources.
Authorization check is performed incorrectly.
Failing to properly manage user privileges.
Critical functions accessible without authentication.
Resources have overly permissive access controls.
Allows redirection to untrusted external sites.
Credentials embedded directly in source code.
Processing XML with external entity references.