/alerttags/owasp_2025_a10/ Recent content in OWASP_2025_A10 on ZAP Hugo en-us /docs/alerts/30001/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/30001/ <p>Buffer overflow errors are characterized by the overwriting of memory spaces of the background web process, which should have never been modified intentionally or unintentionally. Overwriting values of the IP (Instruction Pointer), BP (Base Pointer) and other registers causes exceptions, segmentation faults, and other process errors to occur. Usually these errors end execution of the application in an unexpected way.</p> /docs/alerts/40044/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40044/ <p>An exponential entity expansion, or &ldquo;billion laughs&rdquo; attack is a type of denial-of-service (DoS) attack. It is aimed at parsers of markup languages like XML or YAML that allow macro expansions.</p> /docs/alerts/30002/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/30002/ <p>A Format String error occurs when the submitted data of an input string is evaluated as a command by the application.</p> /docs/alerts/50007-3/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/50007-3/ <p>A circular reference was detected in the GraphQL schema, where object types reference each other in a cycle. This can be exploited by attackers to craft deeply recursive queries, potentially leading to Denial of Service (DoS) conditions.</p> /docs/alerts/30003/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/30003/ <p>An integer overflow condition exists when an integer used in a compiled program extends beyond the range limits and has not been properly checked from the input stream.</p>