Session configuration: Cookies: Set HttpOnly flag to true

Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true

  • error
  • java
  • Spring
  • security
  • framework specific
  • web
  • Spring Boot
  • OWASP Top 10
Session configuration: Cookies: Set HttpOnly flag to true

Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true

  • error
  • java
  • security
  • web
  • OWASP Top 10
Session configuration: Cookies: Set HttpOnly flag to true

Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true

  • error
  • java
  • security
  • web
  • Apache Shiro
  • OWASP Top 10
Session configuration: Cookies: Set Secure flag to true

Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true

  • error
  • java
  • security
  • web
  • OWASP Top 10
Session configuration: Cookies: Set Secure flag to true

Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true

  • error
  • java
  • security
  • web
  • Apache Shiro
  • OWASP Top 10
Session configuration: Cookies: Set Secure flag to true

Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true

  • error
  • java
  • Spring
  • security
  • framework specific
  • web
  • Spring Boot
  • OWASP Top 10
Session configuration: Cookies: Set Secure flag to true

Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true

  • error
  • java
  • Spring
  • security
  • framework specific
  • web
  • Spring Web
  • OWASP Top 10
Session configuration: HttpCookie: Configure HttpOnly flag

Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true

  • error
  • java
  • security
  • web
  • OWASP Top 10
Should use requiresSecure

Use of HTTP instead of HTTPS is insecure

  • error
  • java
  • Spring
  • security
  • framework specific
  • web
  • Spring Security
  • OWASP Top 10
SLF4J Logging: enforce usage of placeholders in the messages

Do not concatenate untrusted data into the message string; use placeholders ('{}') instead

  • marked_information
  • java
  • security
  • logging
  • injection
  • OWASP Top 10
  • SLF4J
  • framework specific
Spring Data Neo4jClient#query is vulnerable to injections

Spring Data Neo4jClient#query is vulnerable to injections

  • error
  • java
  • security
  • Neo4j
  • framework specific
  • OWASP Top 10
  • injection
  • Spring Data
SQL Injection: SQLiteDatabase#execSQL

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteDatabase#query - 1st parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteDatabase#query - 2nd parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteDatabase#query - 3rd parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteDatabase#query - 5th parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder appendWhere

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder#buildQuery

This method is vulnerable to SQL injection. Consider writing the query instead of relying on builders.

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • SQL
  • Android
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder compileStatement

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder compileStatement Compliant

SQL Injection: SQLiteQueryBuilder compileStatement - Compliant

  • compliant
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • Android security set
  • OWASP Top 10
TLS: Disabled Certificate validation

The verify method has been overridden, and always returns true

  • warning
  • java
  • security
  • web
  • TLS
  • OWASP Top 10
TLS: Weak Encryption: Insecure Version

Could lead to Data Exposure

  • error
  • java
  • security
  • web
  • TLS
  • OWASP Top 10
TLS: Weak Encryption: Outdated Version

Could lead to Data Exposure

  • warning
  • java
  • security
  • web
  • TLS
  • OWASP Top 10
Untrusted input in logging

Prevent log injection by filtering untrusted input

  • info
  • java
  • security
  • OWASP Top 10
  • framework specific
  • logging
  • Logger
  • injection
Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

  • error
  • xml
  • Apache Maven
  • Log4j
  • OWASP Top 10
  • SLF4J
  • basic protection set
  • framework specific
  • injection
  • logging
  • security