This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Pages that link to "Category:Vulnerability"
The following pages link to Category:Vulnerability:
View (previous 500 | next 500) (20 | 50 | 100 | 250 | 500)- Cross Site Scripting Flaw (← links)
- Getting Started (← links)
- Category:PHP (← links)
- Deserialization of untrusted data (← links)
- Using a broken or risky cryptographic algorithm (← links)
- Glossary (← links)
- Buffer Overflow (← links)
- OWASP Categories (← links)
- Tutorial (← links)
- Unprotected Alternate Channel (← links)
- Business logic vulnerability (← links)
- CRLF Injection (← links)
- Catch NullPointerException (← links)
- Channel and Path Errors (← links)
- Cleansing, Canonicalization, and Comparison Errors (← links)
- Context Switching Race Condition (← links)
- Common Special Element Manipulations (← links)
- Cross-Boundary Cleansing Infoleak (← links)
- Data Amplification (← links)
- Data Leaking Between Users (← links)
- Data Structure Issues (← links)
- Delimiter Problems (← links)
- Delimiter between Expressions or Commands (← links)
- Template:Vulnerability (← links)
- Directory Restriction Error (← links)
- Empty String Password (← links)
- Expected behavior violation (← links)
- Improper Null Termination (← links)
- Improper resource shutdown or release (← links)
- Improperly Implemented Security Check for Standard (← links)
- Improperly Trusted Reverse DNS (← links)
- Improperly Verified Signature (← links)
- Inadvertent (← links)
- Incomplete Cleanup (← links)
- Incomplete Element (← links)
- Incomplete Internal State Distinction (← links)
- Inconsistent Elements (← links)
- Inconsistent Implementations (← links)
- Inconsistent Special Elements (← links)
- Incorrect Privilege Assignment (← links)
- Incorrect initialization (← links)
- Initialization and Cleanup Errors (← links)
- Input Terminator (← links)
- Insecure Compiler Optimization (← links)
- Insecure Default Permissions (← links)
- Insecure Temporary File (← links)
- Insecure default variable initialization (← links)
- Insecure execution-assigned permissions (← links)
- Insecure inherited permissions (← links)
- Insecure preserved inherited permissions (← links)
- Installation Issues (← links)
- Insufficient Entropy (← links)
- Insufficient Resource Pool (← links)
- Insecure Transport (← links)
- Insufficient Session-ID Length (← links)
- Missing Error Handling (← links)
- Least Privilege Violation (← links)
- Leftover Debug Code (← links)
- Mac virtual file problems (← links)
- Memory leak (← links)
- Misinterpretation error (← links)
- Missing access control (← links)
- Missing critical step in authentication (← links)
- Missing element error (← links)
- Missing error status code (← links)
- Missing Error Status Code (← links)
- Missing handler (← links)
- Missing initialization (← links)
- Missing lock check (← links)
- Missing parameter error (← links)
- Missing required cryptographic step (← links)
- Key Management Errors (← links)
- Missing special element (← links)
- Missing value error (← links)
- Mixed encoding (← links)
- Multiple failed authentication attempts not prevented (← links)
- Multiple internal special element (← links)
- Multiple interpretation error (MIE) (← links)
- Multiple Interpretation Error (MIE) (← links)
- Multiple interpretations of UI input (← links)
- Multiple Leading Special Elements (← links)
- Multiple Trailing Special Elements (← links)
- Mutable objects passed by reference (← links)
- No authentication for critical function (← links)
- No Authentication for Critical Function (← links)
- Non-Replicating (← links)
- Non-exit on Failed Initialization (← links)
- Null Character / Null Byte (← links)
- Obscured Security-relevant Information by Alternate Name (← links)
- Obsolete feature in UI (← links)
- Off-by-one Error (← links)
- Often Misused: Path Manipulation (← links)
- Omission of Security-relevant Information (← links)
- Origin Validation Error (← links)
- Other length calculation error (← links)
- Out-of-bounds Read (← links)
- Ownership errors (← links)
- PHP External Variable Modification (← links)
- PHP File Inclusion (← links)
- PRNG Seed Error (← links)
- Parameter Problems (← links)
- Partial Comparison (← links)
- Patch Issues (← links)
- Path Equivalence (← links)
- Password Plaintext Storage (← links)
- Plaintext Storage in Cookie (← links)
- Plaintext Storage in Executable (← links)
- Plaintext Storage in File or on Disk (← links)
- Plaintext Storage in GUI (← links)
- Plaintext Storage of Sensitive Information (← links)
- Pointer Issues (← links)
- Porting Issues (← links)
- Predictability problems (← links)
- Predictable Exact Value from Previous Values (← links)
- Predictable Seed in PRNG (← links)
- Predictable Value Range from Previous Values (← links)
- Privacy Violation (← links)
- Private Array-Typed Field Returned From A Public Method (← links)
- Privilege / sandbox errors (← links)
- Privilege Chaining (← links)
- Privilege Context Switching Error (← links)
- Privilege Dropping / Lowering Errors (← links)
- Privilege Management Error (← links)
- Process Control (← links)
- Process information infoleak to other processes (← links)
- Product UI does not warn user of unsafe actions (← links)
- Product-External Error Message Infoleak (← links)
- Product-Generated Error Message Infoleak (← links)
- Proxied Trusted Channel (← links)
- Public Data Assigned to Private Array-Typed Field (← links)
- Randomness and Predictability (← links)
- Record Delimiter (← links)
- Regular Expression Error (← links)
- Resource Locking problems (← links)
- Reversible One-Way Hash (← links)
- Sensitive Data Under Web Root (← links)
- Signal Errors (← links)
- Small Space of Random Values (← links)
- Static Value in Unpredictable Context (← links)
- Improper Data Validation (← links)
- Struts: Form Bean Does Not Extend Validation Class (← links)
- Substitution Character (← links)
- OWASP student projects (← links)
- System Configuration Issues (← links)
- System Operations Issues (← links)
- Technology-Specific Input Validation Problems (← links)
- Technology-Specific Special Elements (← links)
- Technology-Specific Time and State Issues (← links)
- Technology-specific Environment Issues (← links)
- Temporary File Issues (← links)
- Testing Issues (← links)
- The UI performs the wrong action (← links)
- Time and State (← links)
- Time of Introduction (← links)
- Trailing Special Element (← links)
- Trapdoor (← links)
- Truncation of Security-relevant Information (← links)
- UI Misrepresentation of Critical Information (← links)
- UNIX Path Link problems (← links)
- UNIX file descriptor leak (← links)
- UNIX hard link (← links)
- UNIX symbolic link (symlink) following (← links)
- URL Encoding (Hex Encoding) (← links)
- Undefined Behavior (← links)
- Undefined Parameter Error (← links)
- Undefined Value Error (← links)
- Unexpected Status Code or Return Value (← links)
- Unparsed Raw Web Content Delivery (← links)
- Unprotected Primary Channel (← links)
- Unquoted Search Path or Element (← links)
- Unrestricted Critical Resource Lock (← links)
- Unrestricted File Upload (← links)
- Unsafe JNI (← links)
- Unsafe Privilege (← links)
- Unsafe use of Reflection (← links)
- Untrusted Data Appended with Trusted Data (← links)
- Unverified Ownership (← links)
- Use of Less Trusted Source (← links)
- User Interface Quality Errors (← links)
- User Interface Security Errors (← links)
- User interface inconsistency (← links)
- User management errors (← links)
- Validate-Before-Canonicalize (← links)
- Validate-Before-Filter (← links)
- Value Delimiter (← links)
- Value Problems (← links)
- Variable Name Delimiter (← links)
- Virtual Files (← links)
- Weak Encryption (← links)
- Wrong Data Type (← links)
- Wrong Status Code (← links)
- Insecure Randomness (← links)
- Password Management: Hardcoded Password (← links)
- Return Inside Finally Block (← links)
- Portability Flaw (← links)
- Poor Logging Practice (← links)
- Unsafe Mobile Code (← links)
- Full Trust CLR Verification issue: Exploiting Passing Reference Types by Reference (← links)
- Missing XML Validation (← links)
- String Termination Error (← links)
- Unchecked Return Value: Missing Check against Null (← links)
- Category:Security Focus Area (← links)
- Outsourced software developer (← links)
- Weak credentials (← links)
- OWASP Spring Of Code 2007 Project Ideas (← links)
- Archived Application Security News (← links)
- Vulnerability template (← links)
- OWASP Summer of Code 2008 Applications (← links)
- OWASP Summer of Code 2008 Applications - for majority vote (← links)
- Reduce Surface Area (← links)
- Category:OWASP .NET Project/es (← links)
- Category:OWASP Java Project/es (← links)
- Category:OWASP CLASP Project/es (← links)
- Category:OWASP Honeycomb Project/es (← links)
- Insecure Third Party Domain Access (← links)
- Best Practice: Projektierung der Sicherheitsprüfung von Webanwendungen (← links)
- Multiple admin levels (← links)
- Allowing Domains or Accounts to Expire (← links)
- OWASP Alchemist Project (← links)
- /Mulai (← links)
- Session Variable Overloading (← links)
- PHP Object Injection (← links)
- XML External Entity (XXE) Processing (← links)
- OWASP Focus (← links)
- OWASP EJSF Project (← links)
- Expression Language Injection (← links)
- OWASP Java Project Archive (8.2010) (← links)
- OWASP PHP Project Archive (03.2015) (← links)
- Doubly freeing memory (← links)
- Unsafe function call from a signal handler (← links)
- Information exposure through query strings in url (← links)