- Integer overflow & underflow
- Casting differnt types of ints
- Command injection
- Escaping characters
- Parameterized queries
- system, popen
- Python subprocess
- Python compile, eval, exec
- String formatting attacks
- PATH environment variable
- Function interposition
- LD_PRELOAD environment variable
- Assumptions about open files
- Problems with obscurity
- Path traversal vulnerabilities
- Unicode problems
- TOCTTOU attacks
- Problems with temp file creation
Command Injection
Terms and concepts you should know