Explore

Filters (0) Clear filters
Languages
Level
Tags

126-150 of 159

SQL Injection: SQLiteDatabase#query - 2nd parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteDatabase#query - 3rd parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteDatabase#query - 5th parameter

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder appendWhere

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder#buildQuery

This method is vulnerable to SQL injection. Consider writing the query instead of relying on builders.

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • SQL
  • Android
  • OWASP Top 10
SQL Injection: SQLiteQueryBuilder compileStatement

This query could lead to SQL injection

  • error
  • java
  • security
  • framework specific
  • mobile
  • injection
  • Android
  • SQL
  • OWASP Top 10
Storage best practices: insecure operating mode

When using this value other applications will have access to your application's data

  • error
  • java
  • security
  • framework specific
  • mobile
  • Android
  • Android security set
Strings: Regex Use: Escape Regex Special Character for Any Char Matching

First argument is a regular expression, matching with dot might have unintended behaviour.

  • error
  • java
  • security
  • Java basic
Test framework: Enforce @Rule annotation for a JUnitSoftAssertions field

A JUnitSoftAssertions field always need to have the @Rule annotation

  • error
  • java
  • testing
  • framework specific
  • JUnit 4
  • quality
TLS: Weak Encryption: Insecure Version

Could lead to Data Exposure

  • error
  • java
  • security
  • web
  • TLS
  • OWASP Top 10
Use SecureRandom instead of Random

Using Random can lead to predictable randomness

  • error
  • java
  • security
  • SEI CERT
Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

  • error
  • xml
  • Apache Maven
  • Log4j
  • OWASP Top 10
  • SLF4J
  • basic protection set
  • framework specific
  • injection
  • logging
  • security
Vulnerable Log4j version - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

Vulnerable Log4j version - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

  • error
  • java
  • kotlin
  • Log4j
  • OWASP Top 10
  • SLF4J
  • basic protection set
  • framework specific
  • injection
  • logging
  • security
Vulnerable Log4j version property - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

Vulnerable Log4j version property - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

  • error
  • xml
  • Apache Maven
  • Log4j
  • OWASP Top 10
  • SLF4J
  • basic protection set
  • framework specific
  • injection
  • logging
  • security
WebView Best Practices: Check URL to White List

Consider allowlist validation for URLs passed to this method

  • error
  • java
  • security
  • mobile
  • framework specific
  • Android
WebView Best Practices: Disable File Access (constructor)

Enabling file access in the webview could lead to misuse

  • error
  • java
  • security
  • framework specific
  • Android
  • mobile
  • Android security set
WebView Best Practices: Disable File Access (setter)

Enabling file access in the webview could lead to misuse

  • error
  • java
  • security
  • framework specific
  • Android
  • mobile
  • Android security set
WebView best practices: Disable Geolocation (constructor)

Enabling geolocation in the webview could lead to data exposure

  • error
  • java
  • security
  • framework specific
  • Android
  • mobile
  • Android security set
WebView best practices: Disable Geolocation (setter)

Enabling geolocation in the webview could lead to data exposure

  • error
  • java
  • security
  • framework specific
  • Android
  • mobile
  • Android security set
WebView best practices: Disable JavaScript (constructor)

Enabling JavaScript in the webview could lead to XSS

  • error
  • java
  • security
  • framework specific
  • Android
  • mobile
  • Android security set
WebView best practices: Disable JavaScript (setter)

Enabling JavaScript in the webview could lead to XSS

  • error
  • java
  • security
  • framework specific
  • Android
  • mobile
  • Android security set
XXE: DocumentBuilderFactory: Add missing feature dissallow-doctype-decl

Could lead to XXE

  • error
  • java
  • security
  • XXE
  • basic protection set
  • OWASP Top 10
XXE: DocumentBuilderFactory: Add missing feature external-parameter-entities

Could lead to XXE

  • error
  • java
  • security
  • XXE
  • basic protection set
  • OWASP Top 10
XXE: DocumentBuilderFactory: Add missing feature load-external-dtd

Could lead to XXE

  • error
  • java
  • security
  • XXE
  • basic protection set
  • OWASP Top 10
XXE: DocumentBuilderFactory: Add missing feature setExpandEntityReferences

Could lead to XXE

  • error
  • java
  • security
  • XXE
  • basic protection set
  • OWASP Top 10