Beyond security
Language
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
Vulnerabilities classified by CWE type
Allows attackers to inject malicious scripts into web pages viewed by users.
Writing data beyond allocated buffer boundaries.
Allows attackers to execute malicious SQL statements in database queries.
Failing to properly validate user input before processing.
Unintentional disclosure of sensitive information.
Forces users to execute unwanted actions on authenticated sessions.
Allows access to files outside the intended directory.
Not checking if user has permission for requested action.
Reading data outside the intended memory buffer boundaries.
Writing data outside the intended memory buffer boundaries.
Referencing memory after it has been freed, leading to crashes or code execution.
Allows injection and execution of malicious code.
Dereferencing a null pointer causes crashes or undefined behavior.
Allows execution of arbitrary operating system commands.
Failing to properly verify user identity.
Allows uploading of dangerous file types to the server.
Arithmetic operations exceed the maximum integer value.
Allows execution of arbitrary system commands.
Server can be tricked into making requests to internal resources.
Deserializing untrusted data can lead to code execution.
Copying data without checking destination buffer size.
Allows exhaustion of system resources (DoS).
Authorization check is performed incorrectly.
Failing to properly manage user privileges.
Critical functions accessible without authentication.
Allows redirection to untrusted external sites.
Resources have overly permissive access controls.
Credentials embedded directly in source code.
Processing XML with external entity references.