Difference between revisions of "Category:Vulnerability"
|Line 1:||Line 1:|
. Please [[How To Add a Vulnerability]]
[[How To Add a Vulnerability]]
Revision as of 17:24, 16 April 2006
Application Security Vulnerability Types
This category is for common types of software vulnerabilities, both design flaws and implementation bugs. OWASP takes the position that there is no single best taxonomy into which these articles can be organized. Instead, we tag our articles with all the attributes that apply to allow for better searching and sorting. You can, of course, sort these articles on a single dimesion, such as the associated threat, countermeasure, or impact. Please do not post any actual vulnerabilities in products, services, or web applications. Those disclosure reports should be posted to bugtraq or full-disclosure.
Every article has a defined structure. Please read the details of How To Add a Vulnerability before creating a new article.
This category has the following 20 subcategories, out of 20 total.
- ► General Logic Error Vulnerability (1 P)
- ► Input Validation Vulnerability (11 P)
- ► Logging and Auditing Vulnerability (1 P)
Pages in category "Vulnerability"
The following 63 pages are in this category, out of 63 total.
- Unchecked Error Condition
- Unchecked Return Value: Missing Check against Null
- Undefined Behavior
- Unreleased Resource
- Unrestricted File Upload
- Unsafe function call from a signal handler
- Unsafe JNI
- Unsafe Mobile Code
- Unsafe use of Reflection
- Use of hard-coded password
- Use of Obsolete Methods
- Using a broken or risky cryptographic algorithm
- Using freed memory