OWASP - H  Graf  Katalog Zranitelností  OWASP  Webové útok

List of Vulnerabilities

• Allowing Domains or Accounts to Expire
• Buffer Overflow
• Business logic vulnerability
• CRLF Injection
• CSV Injection
• Catch NullPointerException
• Covert storage channel
• Deserialization of untrusted data
• Directory Restriction Error
• Doubly freeing memory
• Empty String Password
• Expression Language Injection
• Full Trust CLR Verification issue Exploiting Passing Reference Types by Reference
• Heartbleed Bug
• Improper Data Validation
• Improper pointer subtraction
• Information exposure through query strings in url by Robert Gilbert (amroot)
• Injection problem
• Insecure Compiler Optimization
• Insecure Randomness
• Insecure Temporary File
• Insecure Third Party Domain Access
• Insecure Transport
• Insufficient Entropy
• Insufficient Session-ID Length
• Least Privilege Violation
• Memory leak
• Missing Error Handling
• Missing XML Validation
• Multiple admin levels
• Null Dereference
• OWASP .NET Vulnerability Research
• Overly Permissive Regular Expression
• PHP File Inclusion
• PHP Object Injection by Egidio Romano
• PRNG Seed Error
• Password Management Hardcoded Password
• Password Plaintext Storage
• Poor Logging Practice
• Portability Flaw
• Privacy Violation
• Process Control
• Return Inside Finally Block
• Session Variable Overloading
• String Termination Error
• Unchecked Error Condition
• Unchecked Return Value Missing Check against Null
• Undefined Behavior
• Unreleased Resource
• Unrestricted File Upload
• Unsafe JNI
• Unsafe Mobile Code
• Unsafe function call from a signal handler
• Unsafe use of Reflection
• Use of Obsolete Methods
• Use of hard-coded password
• Using a broken or risky cryptographic algorithm
• Using freed memory
• Vulnerability template
• XML External Entity (XXE) Processing