- Checkmarx Documentation
- Checkmarx SAST
- SAST Release Notes
- Engine Pack Versions and Delivery Model
- Previous Engine Pack Versions
- Engine Pack Version 9.6.4
Engine Pack Version 9.6.4
CxSAST Engine
Languages & Frameworks
All supported code Languages & Frameworks versions are on the dedicated page here.
New SAST Engine - Fast Scan
Execution Time Optimization
Fast Scan incorporates an enhanced configuration to optimize execution time for Kotlin, Go, Scala, Python, Dart, PHP, and Rust languages.
Scanned Languages
Fast Scan mode is designed to scan the primary languages.
For subsequent language groups, the primary language for scanning is determined based on the criteria:
JVM languages:(Java, Scala, Kotlin, and Groovy) -only the language with the higher number of files is selected. In case of a tie, the order of choice is Java, Groovy, Scala, Kotlin;
IOS composed projects: (Swift and ObjC) - only the language with more files is selected. In case of a tie, the order of choice is Swift, ObjC;
Flutter projects: only the language with more files is selected. In case of a tie, the order of choice is Java, Swift, ObjC, CPP, Kotlin, and Dart;
Scripting Languages only projects: only the language with the higher number of files is selected. In case of a tie, the order of choice is JavaScript, VbScript, and Plsql.
C++
This version includes significant enhancements for C++ language support:
Update to the most recent version of ANTLR (version 4.13.1).
Improvements have been made to support various expressions, particularly reference declarations and pointers.
Parsing issues associated with more recent C++ syntax have been addressed.
Added support for .pc extension (pro*C files) to enhance C++ parsing (Note: SQL queries are ignored).
Added code to distinguish ObjC files that were previously misidentified as C files.
Notice
To fully leverage C++ support, ensuring accurate code parsing by defining any custom macros is important.
The C++ parser cannot adequately support macros throughout the program unless properly defined.
JavaScript
This engine pack introduces enhancements in JavaScript language parsing resulting from the update to the ANTLR version 4.13.1.
Rust
The Rust support has been improved by adding additional queries.
The following queries are available as part of this version:
Rust_Medium_Threat
Empty_Password_In_Connection_String
Hardcoded_Password_in_Connection_String
Password_In_Comment
SSRF
Unrestricted_Delete_S3
Unrestricted_Read_S3
Unrestricted_Write_S3
Use_Of_Hardcoded_Password
Rust_Low_Visibility
Missing_Password_Field_Masking
Notice
Technology Preview features provide early access to upcoming product innovations, enabling you to test functionality and provide feedback during development. However, these features are not fully supported, might not be functionally complete, and are not intended for production use.
As Checkmarx considers making future iterations of Technology Preview features generally available, we will attempt to resolve any issues customers experience when using these features.
RPG
This version introduces the support of fully free format.
Presets
OWASP API Top 10 2023
A new preset and category for the OWASP API Top 10 2023 is available out-of-the-box with this Engine Pack.
New return codes
Notice
In the upcoming version 9.6.5, the following use cases which have the return code denoted as “-1“ will be replaced by a new return code:
No code changes - new return code will be 58
Empty files - new return code will be 59
Error on the setup of the logs - new return code will be 61
Project not found - new return code will be 62
Error on file extension initialization (includes files having no extension defined) - new return code will be 63
Error on queries deserialization (a step that occurs before queries compilation) - new return code will be 64
Error on queries compilation - new return code will be 65
Error on queries execution - new return code will be 66
Error on the license validation - new return code will be 67
Error while scanning (such as parsing, Resolver) - new return code will be 68
To ensure a seamless transition and prevent potential errors, we strongly recommend the following:
Carefully review your existing pipelines and workflows.
Identify whether there are any configurations or dependencies currently relying on the current error code.
Making the necessary configuration adjustments before upgrading to version 9.6.3 is essential. By making these changes, you'll be able to avoid any disruptions caused by the change in error code and ensure the continued smooth operation of your processes.
Base Preset
Notice
Based on thorough tests and comparisons to internal benchmarks, we've decided to improve the base preset and fine-tune it for enhancement. Because of this, in the upcoming version 9.6.5, support for the following languages will be removed from the preset: Cobol, Go, Groovy, Perl, PLSQL, RPG, Ruby, and VB.Net.
We will focus on enhancing coverage for Java, JavaScript, C#, CPP, and Python languages. Additionally, we'll gradually include support for other languages with improved coverage and accuracy.
Removal of deprecated queries from Presets
Actions to be executed in the upcoming version 9.6.5:
Deprecated queries are going to be removed from the presets according to the following list:
(Language, Query ID, Query Name)
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 5607, Heuristic_Buffer_Improper_Index_Access
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
CSharp, 2961, Side_Channel_Data_Leakage
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3298, Cleansing_Canonicalization_and_Comparison_Errors
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3363, Use_Of_getenv
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Kotlin, 7794, Parameter_Tampering
Lua, 8154, Deserialization_of_Untrusted_Data
Lua, 8083, Heap_Inspection
Lua, 8064, Null_Pointer_Dereference
Lua, 7992, Missing_Encryption_of_Sensitive_Data
Lua, 8067, Parameter_Tampering
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 8060, Missing_Encryption_of_Sensitive_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Java, 1601, Side_Channel_Data_Leakage
Java, 4690, Deserialization_of_Untrusted_Data
Objc, 2919, Use_of_Insufficiently_Random_Values
CSharp, 2961, Side_Channel_Data_Leakage
Java, 1601, Side_Channel_Data_Leakage
Java, 4690, Deserialization_of_Untrusted_Data
Lua, 8154, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Apex, 53, Parameter_Tampering
ASP, 185, Parameter_Tampering
CPP, 324, Heap_Inspection
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 327, Parameter_Tampering
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 3772, Heap_Inspection
CSharp, 474, Parameter_Tampering
Go, 7358, Parameter_Tampering
Groovy, 3385, Parameter_Tampering
Java, 4690, Deserialization_of_Untrusted_Data
Java, 3771, Heap_Inspection
Java, 638, Parameter_Tampering
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Kotlin, 7794, Parameter_Tampering
Lua, 8083, Heap_Inspection
Lua, 7992, Missing_Encryption_of_Sensitive_Data
Lua, 8067, Parameter_Tampering
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 8060, Missing_Encryption_of_Sensitive_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4387, Parameter_Tampering
VB6, 1118, Parameter_Tampering
VbNet, 777, UTF7_XSS
VbNet, 3773, Heap_Inspection
VbNet, 815, Parameter_Tampering
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 5607, Heuristic_Buffer_Improper_Index_Access
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3298, Cleansing_Canonicalization_and_Comparison_Errors
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3363, Use_Of_getenv
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Kotlin, 7794, Parameter_Tampering
Lua, 8154, Deserialization_of_Untrusted_Data
Lua, 8083, Heap_Inspection
Lua, 8064, Null_Pointer_Dereference
Lua, 7992, Missing_Encryption_of_Sensitive_Data
Lua, 8067, Parameter_Tampering
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 8060, Missing_Encryption_of_Sensitive_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 3772, Heap_Inspection
CSharp, 466, DB_Parameter_Tampering
Java, 4690, Deserialization_of_Untrusted_Data
Java, 3771, Heap_Inspection
Java, 628, DB_Parameter_Tampering
Java, 638, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 317, DB_Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3374, DB_Parameter_Tampering
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2190, Potential_ReDoS
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
PHP, 5425, Deserialization_of_Untrusted_Data
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 1114, Insufficiently_Protected_Credentials
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 598, Blind_SQL_Injections
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 4034, Suspected_XSS
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Perl, 2043, Missing_Encryption_of_Sensitive_Data
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
ASP, 147, UTF7_XSS
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 324, Heap_Inspection
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 3772, Heap_Inspection
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3293, UTF7_XSS
Groovy, 3834, Heap_Inspection
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Java, 4690, Deserialization_of_Untrusted_Data
Java, 3771, Heap_Inspection
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Kotlin, 7794, Parameter_Tampering
Lua, 8154, Deserialization_of_Untrusted_Data
Lua, 7992, Missing_Encryption_of_Sensitive_Data
Lua, 8067, Parameter_Tampering
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 8060, Missing_Encryption_of_Sensitive_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
VB6, 1118, Parameter_Tampering
VbNet, 777, UTF7_XSS
VbNet, 3773, Heap_Inspection
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 5607, Heuristic_Buffer_Improper_Index_Access
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3298, Cleansing_Canonicalization_and_Comparison_Errors
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3363, Use_Of_getenv
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Kotlin, 7794, Parameter_Tampering
Lua, 8154, Deserialization_of_Untrusted_Data
Lua, 8083, Heap_Inspection
Lua, 8064, Null_Pointer_Dereference
Lua, 7992, Missing_Encryption_of_Sensitive_Data
Lua, 8067, Parameter_Tampering
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 8060, Missing_Encryption_of_Sensitive_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 147, UTF7_XSS
ASP, 162, Insecure_Randomness
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 324, Heap_Inspection
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CSharp, 432, UTF7_XSS
CSharp, 3772, Heap_Inspection
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3293, UTF7_XSS
Groovy, 3834, Heap_Inspection
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Java, 3771, Heap_Inspection
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Objc, 2911, Heap_Inspection
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Scala, 4523, Heap_Inspection
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
VB6, 2380, Insecure_Randomness
VB6, 1118, Parameter_Tampering
VbNet, 777, UTF7_XSS
VbNet, 3773, Heap_Inspection
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
CPP, 5607, Heuristic_Buffer_Improper_Index_Access
CPP, 2441, NULL_Pointer_Dereference
Java, 1601, Side_Channel_Data_Leakage
CSharp, 2961, Side_Channel_Data_Leakage
Java, 1601, Side_Channel_Data_Leakage
Java, 4690, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 4034, Suspected_XSS
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 638, Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 598, Blind_SQL_Injections
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 4034, Suspected_XSS
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Perl, 2043, Missing_Encryption_of_Sensitive_Data
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4472, Stored_HTTP_Response_Splitting
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 638, Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4387, Parameter_Tampering
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
CSharp, 2961, Side_Channel_Data_Leakage
Java, 1601, Side_Channel_Data_Leakage
Java, 4690, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 613, Potential_ReDoS_By_Injection
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 2911, Heap_Inspection
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3298, Cleansing_Canonicalization_and_Comparison_Errors
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3363, Use_Of_getenv
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3906, Security_Misconfiguration
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 1564, Inadequate_Pointer_Validation
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 3906, Security_Misconfiguration
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 5425, Deserialization_of_Untrusted_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 434, Blind_SQL_Injections
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 466, DB_Parameter_Tampering
Java, 2789, JSON_Hijacking
Java, 598, Blind_SQL_Injections
Java, 3890, Improper_Resource_Access_Authorization
Java, 628, DB_Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
Apex, 53, Parameter_Tampering
ASP, 185, Parameter_Tampering
CPP, 327, Parameter_Tampering
CSharp, 474, Parameter_Tampering
Go, 7358, Parameter_Tampering
Groovy, 3385, Parameter_Tampering
Java, 638, Parameter_Tampering
JavaScript, 2979, Parameter_Tampering
Kotlin, 7794, Parameter_Tampering
Lua, 8067, Parameter_Tampering
Perl, 4137, Parameter_Tampering
PHP, 1339, Parameter_Tampering
PLSQL, 2631, Parameter_Tampering
Python, 3114, Parameter_Tampering
Ruby, 1547, Parameter_Tampering
Scala, 4387, Parameter_Tampering
VB6, 1118, Parameter_Tampering
VbNet, 815, Parameter_Tampering
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 327, Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3298, Cleansing_Canonicalization_and_Comparison_Errors
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 613, Potential_ReDoS_By_Injection
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Swift, 7029, Parameter_Tampering
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 160, Improper_Session_Management
ASP, 162, Insecure_Randomness
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 313, Stored_Blind_SQL_Injections
CPP, 1211, Use_of_Insufficiently_Random_Values
CPP, 317, DB_Parameter_Tampering
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 444, Improper_Session_Management
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 6306, Use_of_Insufficiently_Random_Values
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3297, Channel_Accessible_by_NonEndpoint
Groovy, 3298, Cleansing_Canonicalization_and_Comparison_Errors
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3313, Improper_Session_Management
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3335, Plaintext_Storage_in_a_Cookie
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3384, Multiple_Binds_to_the_Same_Port
Groovy, 3385, Parameter_Tampering
Groovy, 3408, Use_of_Insufficiently_Random_Values
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 598, Blind_SQL_Injections
Java, 1639, Channel_Accessible_by_NonEndpoint
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 1655, Plaintext_Storage_in_a_Cookie
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 1673, Multiple_Binds_to_the_Same_Port
Java, 638, Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
JavaScript, 2991, Use_of_Insufficiently_Random_Values
Kotlin, 7794, Parameter_Tampering
Lua, 8154, Deserialization_of_Untrusted_Data
Lua, 7992, Missing_Encryption_of_Sensitive_Data
Lua, 8067, Parameter_Tampering
Objc, 4728, Universal_XSS
Objc, 2190, Potential_ReDoS
Objc, 2919, Use_of_Insufficiently_Random_Values
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 8060, Missing_Encryption_of_Sensitive_Data
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
PLSQL, 2635, Use_of_Insufficiently_Random_Values
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3565, Insecure_Randomness
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4533, Multiple_Binds_to_the_Same_Port
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 2380, Insecure_Randomness
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 789, Improper_Session_Management
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 154, Cleansing_Canonicalization_and_Comparison_Errors
ASP, 166, Insufficiently_Protected_Credentials
ASP, 1802, JavaScript_Hijacking
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 317, DB_Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 4729, Deserialization_of_Untrusted_Data
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 439, Cleansing_Canonicalization_and_Comparison_Errors
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 446, JavaScript_Hijacking
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3346, Reliance_on_Cookies_in_a_Decision
Groovy, 3362, Use_of_Client_Side_Authentication
Groovy, 3374, DB_Parameter_Tampering
Java, 2789, JSON_Hijacking
Java, 4690, Deserialization_of_Untrusted_Data
Java, 598, Blind_SQL_Injections
Java, 602, Cleansing_Canonicalization_and_Comparison_Errors
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 2096, Reliance_on_Cookies_in_a_Decision
Java, 4034, Suspected_XSS
Java, 1667, Use_of_Client_Side_Authentication
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 6448, Spring_Missing_Expect_CT_Header
Java, 6440, Spring_Missing_X_Content_Type_Options
Java, 6443, Spring_Missing_XSS_Protection_Header
JavaScript, 6090, Deserialization_of_Untrusted_Data
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 3922, Potentially_Vulnerable_To_CSRF
Kotlin, 6453, Deserialization_of_Untrusted_Data
Objc, 4735, Deserialization_of_Untrusted_Data
Objc, 4728, Universal_XSS
Objc, 2190, Potential_ReDoS
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
PHP, 5425, Deserialization_of_Untrusted_Data
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 5311, Deserialization_of_Untrusted_Data
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 1114, Insufficiently_Protected_Credentials
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 784, Cleansing_Canonicalization_and_Comparison_Errors
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 791, JavaScript_Hijacking
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 5607, Heuristic_Buffer_Improper_Index_Access
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 2441, NULL_Pointer_Dereference
CPP, 1211, Use_of_Insufficiently_Random_Values
Apex, 53, Parameter_Tampering
ASP, 132, Heuristic_2nd_Order_SQL_Injection
ASP, 137, Heuristic_CSRF
ASP, 133, Heuristic_DB_Parameter_Tampering
ASP, 134, Heuristic_Parameter_Tampering
ASP, 135, Heuristic_SQL_Injection
ASP, 136, Heuristic_Stored_XSS
ASP, 147, UTF7_XSS
ASP, 149, Blind_SQL_Injections
ASP, 166, Insufficiently_Protected_Credentials
ASP, 176, XSS_Evasion_Attack
ASP, 178, DB_Parameter_Tampering
ASP, 185, Parameter_Tampering
ASP, 187, Reflected_XSS_Specific_Clients
CPP, 271, Heuristic_2nd_Order_Buffer_Overflow_malloc
CPP, 272, Heuristic_2nd_Order_Buffer_Overflow_read
CPP, 273, Heuristic_2nd_Order_SQL_Injection
CPP, 274, Heuristic_Buffer_Overflow_malloc
CPP, 275, Heuristic_Buffer_Overflow_read
CPP, 276, Heuristic_CGI_Stored_XSS
CPP, 277, Heuristic_DB_Parameter_Tampering
CPP, 280, Heuristic_Parameter_Tampering
CPP, 281, Heuristic_SQL_Injection
CPP, 298, Blind_SQL_Injections
CPP, 324, Heap_Inspection
CPP, 3892, Improper_Resource_Access_Authorization
CPP, 311, Insufficiently_Protected_Credentials
CPP, 2441, NULL_Pointer_Dereference
CPP, 313, Stored_Blind_SQL_Injections
CPP, 317, DB_Parameter_Tampering
CPP, 327, Parameter_Tampering
CPP, 342, Stored_DB_Parameter_Tampering
CSharp, 417, Heuristic_2nd_Order_SQL_Injection
CSharp, 422, Heuristic_CSRF
CSharp, 418, Heuristic_DB_Parameter_Tampering
CSharp, 419, Heuristic_Parameter_Tampering
CSharp, 420, Heuristic_SQL_Injection
CSharp, 421, Heuristic_Stored_XSS
CSharp, 432, UTF7_XSS
CSharp, 434, Blind_SQL_Injections
CSharp, 3772, Heap_Inspection
CSharp, 449, Insufficiently_Protected_Credentials
CSharp, 451, Potential_ReDoS
CSharp, 452, Potential_ReDoS_By_Injection
CSharp, 453, Potential_ReDoS_In_Code
CSharp, 454, Potential_ReDoS_In_Static_Field
CSharp, 461, XSS_Evasion_Attack
CSharp, 466, DB_Parameter_Tampering
CSharp, 474, Parameter_Tampering
CSharp, 479, Reflected_XSS_Specific_Clients
Go, 7358, Parameter_Tampering
Groovy, 3277, Heuristic_2nd_Order_SQL_Injection
Groovy, 3278, Heuristic_CGI_Stored_XSS
Groovy, 3283, Heuristic_CSRF
Groovy, 3279, Heuristic_DB_Parameter_Tampering
Groovy, 3280, Heuristic_Parameter_Tampering
Groovy, 3281, Heuristic_SQL_Injection
Groovy, 3282, Heuristic_Stored_XSS
Groovy, 3293, UTF7_XSS
Groovy, 3296, Blind_SQL_Injections
Groovy, 3305, ESAPI_Same_Password_Repeats_Twice
Groovy, 3834, Heap_Inspection
Groovy, 3321, Insufficiently_Protected_Credentials
Groovy, 3336, Potenial_UTF7_XSS
Groovy, 3337, Potential_ReDoS
Groovy, 3338, Potential_ReDoS_By_Injection
Groovy, 3339, Potential_ReDoS_In_Match
Groovy, 3340, Potential_ReDoS_In_Replace
Groovy, 3341, Potential_ReDoS_In_Static_Field
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3382, HTTP_Response_Splitting
Groovy, 3385, Parameter_Tampering
Groovy, 3414, Stored_HTTP_Response_Splitting
Java, 2789, JSON_Hijacking
Java, 598, Blind_SQL_Injections
Java, 1972, ESAPI_Same_Password_Repeats_Twice
Java, 3771, Heap_Inspection
Java, 3890, Improper_Resource_Access_Authorization
Java, 610, Insufficiently_Protected_Credentials
Java, 612, Potential_ReDoS
Java, 613, Potential_ReDoS_By_Injection
Java, 614, Potential_ReDoS_In_Match
Java, 615, Potential_ReDoS_In_Replace
Java, 616, Potential_ReDoS_In_Static_Field
Java, 4034, Suspected_XSS
Java, 621, UTF7_XSS
Java, 628, DB_Parameter_Tampering
Java, 638, Parameter_Tampering
Java, 1685, Stored_HTTP_Response_Splitting
JavaScript, 2558, Client_Potential_Ad_Hoc_Ajax
JavaScript, 2407, Client_Potential_ReDoS_In_Match
JavaScript, 2408, Client_Potential_ReDoS_In_Replace
JavaScript, 4646, Insufficiently_Protected_Credentials
JavaScript, 3924, JSON_Hijacking
JavaScript, 4128, Missing_Encryption_of_Sensitive_Data
JavaScript, 2979, Parameter_Tampering
Objc, 2911, Heap_Inspection
Objc, 2190, Potential_ReDoS
Objc, 2905, Missing_Encryption_of_Sensitive_Data
Objc, 2857, Parameter_Tampering
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Perl, 4137, Parameter_Tampering
PHP, 1339, Parameter_Tampering
PLSQL, 2628, HTTP_Response_Splitting
PLSQL, 2631, Parameter_Tampering
Python, 3748, Insufficiently_Protected_Credentials
Python, 3557, DB_Parameter_Tampering
Python, 3114, Parameter_Tampering
Ruby, 1511, Blind_SQL_Injections
Ruby, 1526, Insufficiently_Protected_Credentials
Ruby, 1534, XSS_Evasion_Attack
Ruby, 1536, DB_Parameter_Tampering
Ruby, 1547, Parameter_Tampering
Ruby, 2779, Outdated_JSON_GEM_Remote_Code
Ruby, 2780, Outdated_JSON_Remote_Code_Execution
Ruby, 2774, Outdated_Rails_Allows_Bypass_Access_Control
Ruby, 2772, Outdated_Rails_Allows_Cross_Site_Request_Forgery
Ruby, 2778, Outdated_Rails_Allows_DOS_via_ActiveRecord
Ruby, 2773, Outdated_Rails_Allows_SQL_Injection
Ruby, 2781, Outdated_Rails_Allows_XSS
Scala, 4523, Heap_Inspection
Scala, 4471, Potential_Stored_XSS
Scala, 4383, DB_Parameter_Tampering
Scala, 4473, HTTP_Response_Splitting
Scala, 4387, Parameter_Tampering
Scala, 4472, Stored_HTTP_Response_Splitting
Swift, 6923, Heap_Inspection
Swift, 7029, Parameter_Tampering
Swift, 7069, Use_of_Insufficiently_Random_Values
VB6, 1107, Heuristic_Parameter_Tampering
VB6, 1108, Heuristic_SQL_Injection
VB6, 1114, Insufficiently_Protected_Credentials
VB6, 1118, Parameter_Tampering
VbNet, 762, Heuristic_2nd_Order_SQL_Injection
VbNet, 767, Heuristic_CSRF
VbNet, 763, Heuristic_DB_Parameter_Tampering
VbNet, 764, Heuristic_Parameter_Tampering
VbNet, 765, Heuristic_SQL_Injection
VbNet, 766, Heuristic_Stored_XSS
VbNet, 777, UTF7_XSS
VbNet, 779, Blind_SQL_Injections
VbNet, 3773, Heap_Inspection
VbNet, 794, Insufficiently_Protected_Credentials
VbNet, 802, XSS_Evasion_Attack
VbNet, 807, DB_Parameter_Tampering
VbNet, 815, Parameter_Tampering
VbNet, 817, Reflected_XSS_Specific_Clients
ASP, 185, Parameter_Tampering
CSharp, 4729, Deserialization_of_Untrusted_Data
Groovy, 3834, Heap_Inspection
Groovy, 3374, DB_Parameter_Tampering
Groovy, 3385, Parameter_Tampering
Java, 4690, Deserialization_of_Untrusted_Data
JavaScript, 6090, Deserialization_of_Untrusted_Data
Objc, 2196, Side_Channel_Data_Leakage
Perl, 2043, Missing_Encryption_of_Sensitive_Data
Ruby, 1544, Insecure_Randomness
Ruby, 1547, Parameter_Tampering
VbNet, 3773, Heap_Inspection
Engine Pack Supported Code Languages and Frameworks (9.6.4)
Environment and Primary Languages | Secondary Languages | Framework | File extensions | Additional Information | |
|---|---|---|---|---|---|
|
|
|
| Java can be configured as a unified language with Scala. | |
|
|
|
| ||
|
|
|
| ||
|
| ||||
|
|
| |||
| JavaScript |
|
| ||
|
|
| This is for Salesforce APEX only. | ||
|
|
| |||
|
|
| |||
|
| ||||
|
| ||||
|
|
| |||
|
| ||||
|
| ||||
|
| ||||
|
|
|
| ||
|
|
| |||
|
|
| Scala can be configured as a unified language with Java. | ||
|
|
| |||
|
|
| |||
|
| ||||
|
| ||||
|
|
| |||
|
|
| |||
|
|
Vulnerability Queries 9.6.4
All queries that are executed in version 9.6.4 are available for download - PDF, CSV
New and updated queries in version 9.6.4 are available for download - PDF, CSV
Queries associated with predefined query presets are available for download - PDF, CSV
Release Notes for Engine Pack (EP) 9.6.4 Patches
Version 9.6.4.1003 April 2024 |
|---|
|
Version 9.6.4.1002 March 2024 |
|---|
|