Questions tagged [vulnerabilities]

27 votes
9 answers
9k views

I have always wondered whether public, protected, and private has security implications post compilation. Hypothetically: class Foo { public: int m_Foo; // Completely vulnerable and dangerous ...
Anon's user avatar
  • 3,649
3 votes
1 answer
180 views

Some node.js libraries (just as an example) can pull in literally hundreds of dependencies. Some of these dependencies are small packages that only have one contributor. Often times the contributor ...
sgdsgyhetwaraw's user avatar
9 votes
3 answers
3k views

A function f() uses eval() (or something as dangerous) with data which I created and stored in local_file on the machine running my program: import local_file def f(str_to_eval): # code.... ...
user's user avatar
  • 489
41 votes
13 answers
9k views

Suppose I'm reviewing code that job applicants send to prove their skills. Clearly I don't want to run executables they send. Not so clearly I'd rather not run the result of compilation of their code (...
sharptooth's user avatar
  • 4,387
-2 votes
1 answer
169 views

Could no amount of formal analysis, type/rule checking prevent its exploitation? How about a fully verified kernel such as seL4?
viv's user avatar
  • 97
2 votes
1 answer
757 views

I have developed a web application using zend framework, mysql, and other client side technologies like javascript, jquery ajax, kendo grid, and so on. I have completed development and have done ...
웃웃웃웃웃's user avatar
5 votes
0 answers
129 views

I've been self employed for a long time now and have recently decided that PHP development within a company is the route I'd like to go down. I had an initial interview/meeting yesterday with a ...
john's user avatar
  • 289
1 vote
2 answers
805 views

I always appreciated the Java language. It is known as a very secure platform and many banks use it in their web applications. I wanted to build a project for my school and I discussed the options ...
Maryam's user avatar
  • 63
23 votes
9 answers
5k views

I'm doing a course in college, where one of the labs is to perform buffer overflow exploits on code they give us. This ranges from simple exploits like changing the return address for a function on a ...
ankit's user avatar
  • 860
5 votes
3 answers
378 views

What are some techniques in determining if a particular piece of source code is malicious or vulnerable to malicious attack? I am currently using cppcheck and I am waiting on an install of Rational ...
14 votes
4 answers
12k views

There are many security risks coming from having close contact to the hardware as opposed to using well-tested and proved APIs from high level programming languages. It is much easier to cause a ...
Anto's user avatar
  • 11.2k
5 votes
4 answers
491 views

We know of Linus' law: With enough eyeballs all bugs are shallow In general, people seem to say that open-source software is more secure because of that very thing, but... There are many small OSS ...
Anto's user avatar
  • 11.2k
38 votes
14 answers
7k views

While working on a project for my company, I needed to build functionality that allows users to import/export data to/from our competitor's site. While doing this, I discovered a very serious security ...
6 votes
5 answers
2k views

When I changed my Facebook password yesterday, by mistake I entered the old one and got this: Am I missing something here or this is a big potential risk for users. In my opinion this is a problem ...
Trufa's user avatar
  • 604