Software Vulnerabilities
Non-validated input
Programs often require data input, but this incoming data could have malicious content designed to force the program to behave in an unintended way.
Software Updates
The goal of software updates is to stay current and avoid exploitation of vulnerabilities.
Buffer Overflow
Buffers are memory areas allocated to an application. A vulnerability occurs when data is written beyond the limits of a buffer. By changing data beyond the boundaries of a buffer, the application can access memory allocated to other processes. This can lead to a system crash or data compromise, or provide escalation of privileges.
Access control problems
Access control is the process of controlling who does what. It ranges from managing physical access to equipment to dictating who has access to a resource, such as a file, and what they can do with it, such as read or change the file. No matter the permission settings on a file, a hacker can bypass the operating system and read the data directly off the disk.
Weaknesses in security practices
protected through techniques such as authentication, authorization and encryption. Developers should stick to using security techniques and libraries that have already been created, tested and verified, and should not attempt to create their own security algorithms. Doing so will likely only introduce new vulnerabilities.
Race conditions
A race condition vulnerability describes a situation where the output of an event depends on ordered or timed outputs. A race condition becomes a source of vulnerability when the required ordered or timed events do not occur in the correct order or at the proper time.