What is a vulnerability?
A vulnerability is a hole or a weakness in the application, which can be a design flaw or an implementation bug, that allows an attacker to cause harm to the stakeholders of an application. Stakeholders include the application owner, application users, and other entities that rely on the application.
Please do not post any actual vulnerabilities in products, services, or web applications. Those disclosure reports should be posted to the Bugtraq or Full Disclosure mailing lists.
Examples of vulnerabilities:
Lack of input validation on user input
Lack of sufficient logging mechanism
Fail-open error handling
Not closing the database connection properly
For a great overview, check out the OWASP Top Ten Project. You can read about the top vulnerabilities and download a paper that covers them in detail. Many organizations and agencies use the Top Ten as a way of creating awareness about application security.
NOTE: Before you add a vulnerability, please search and make sure there isn't an equivalent one already. You may want to consider creating a redirect if the topic is the same. Every vulnerability article has a defined structure.
List of vulnerabilities:
Allowing Domains or Accounts to Expire
Buffer Overflow
Business logic vulnerability
CRLF Injection
CSV Injection by Timo Goosen, Albinowax
Catch NullPointerException
Covert storage channel
Deserialization of untrusted data
Directory Restriction Error
Doubly freeing memory
Empty String Password
Expression Language Injection
Full Trust CLR Verification issue: Exploiting Passing Reference Types by Reference
Heartbleed Bug
Improper Data Validation
Improper pointer subtraction
Information exposure through query strings in URL by Robert Gilbert (amroot)
Injection problem
Insecure Compiler Optimization
Insecure Randomness
Insecure Temporary File
Insecure Third Party Domain Access
Insecure Transport
Insufficient Entropy
Insufficient Session-ID Length
Least Privilege Violation
Memory leak
Missing Error Handling
Missing XML Validation
Multiple admin levels
Null Dereference
OWASP .NET Vulnerability Research
Overly Permissive Regular Expression
PHP File Inclusion
PHP Object Injection by Egidio Romano
PRNG Seed Error
Password Management: Hardcoded Password
Password Plaintext Storage
Poor Logging Practice
Portability Flaw
Privacy Violation
Process Control
Return Inside Finally Block
Session Variable Overloading
String Termination Error
Unchecked Error Condition
Unchecked Return Value: Missing Check against Null
Undefined Behavior
Unreleased Resource
Unrestricted File Upload
Unsafe JNI
Unsafe Mobile Code
Unsafe function call from a signal handler
Unsafe use of Reflection
Use of Obsolete Methods
Use of hard-coded password
Using a broken or risky cryptographic algorithm
Using freed memory
Vulnerability template
XML External Entity (XXE) Processing
Excellent