CWE Archives - Page 53 of 96 - Cyber Security News

CWE-177 – Improper Handling of URL Encoding (Hex Encoding)

Description The software does not properly handle when all or part of an input has been URL encoded. Modes of Introduction: - Implementation ...

rocco

May 26, 2022May 26, 2022

CWE

CWE-178 – Improper Handling of Case Sensitivity

Description The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results....

rocco

May 26, 2022May 26, 2022

CWE

CWE-1385 – Missing Origin Validation in WebSockets

Description The software uses a WebSocket, but it does not properly verify that the source of data or communication is valid. Modes of Introduction: -...

rocco

May 26, 2022

CWE

CWE-14 – Compiler Removal of Code to Clear Buffers

Description Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka...

rocco

May 26, 2022May 26, 2022

CWE

CWE-140 – Improper Neutralization of Delimiters

Description The software does not neutralize or incorrectly neutralizes delimiters. Modes of Introduction: - Implementation Related Weaknesses CWE-138 Consequences Integrity: Unexpected State...

rocco

May 26, 2022May 26, 2022

CWE

CWE-141 – Improper Neutralization of Parameter/Argument Delimiters

Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter...

rocco

May 26, 2022May 26, 2022

CWE

CWE-142 – Improper Neutralization of Value Delimiters

Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as value...

rocco

May 26, 2022May 26, 2022

CWE

CWE-143 – Improper Neutralization of Record Delimiters

Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as record...

rocco

May 26, 2022May 26, 2022

CWE

CWE-144 – Improper Neutralization of Line Delimiters

Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line...

rocco

May 26, 2022May 26, 2022

CWE

CWE-145 – Improper Neutralization of Section Delimiters

Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as section...

rocco

May 26, 2022May 26, 2022

Friday Squid Blogging: Female Gonatus Onyx Squid Carrying Her Eggs

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Category: CWE

CWE-177 – Improper Handling of URL Encoding (Hex Encoding)

CWE-178 – Improper Handling of Case Sensitivity

CWE-1385 – Missing Origin Validation in WebSockets

CWE-14 – Compiler Removal of Code to Clear Buffers

CWE-140 – Improper Neutralization of Delimiters

CWE-141 – Improper Neutralization of Parameter/Argument Delimiters

CWE-142 – Improper Neutralization of Value Delimiters

CWE-143 – Improper Neutralization of Record Delimiters

CWE-144 – Improper Neutralization of Line Delimiters

CWE-145 – Improper Neutralization of Section Delimiters