Explore

Filters (0) Clear filters
Languages
Level
Tags

151-175 of 589

View details
Injection: Avoid Code Injection: Use SafeConstructor: 1st argument of type Constructor

Could lead to Remote Code Execution

  • error
  • java
  • security
  • basic protection set
  • injection
  • YAML
  • OWASP Top 10
View details
Injection: Avoid Code Injection: Use SafeConstructor: arguments, but no Constructor argument

Could lead to Remote Code Execution

  • error
  • java
  • security
  • basic protection set
  • injection
  • YAML
  • OWASP Top 10
View details
Injection: Avoid Code Injection: Use SafeConstructor: no arguments

Could lead to Remote Code Execution

  • error
  • java
  • security
  • basic protection set
  • injection
  • YAML
  • OWASP Top 10
View details
Injection: Avoid SQL Injection: Use Parameterized Queries (PreparedStatement)

Could lead to SQL Injection

  • error
  • java
  • security
  • SEI CERT
  • basic protection set
  • injection
  • SQL
  • OWASP Top 10
View details
Injection: Avoid SQL Injection: Use Parameterized Queries (Statement)

Could lead to SQL Injection

  • error
  • java
  • security
  • SEI CERT
  • basic protection set
  • injection
  • SQL
  • OWASP Top 10
View details
Injection - SQL Injection in JPA: EntityManager#createNativeQuery

Avoid SQLi by using parameterized queries, instead of string concatenation with untrusted input

  • error
  • java
  • security
  • JPA
  • injection
  • SQL
  • OWASP Top 10
View details
Injection - SQL Injection in JPA: EntityManager#createQuery

Avoid SQLi by using parameterized queries, instead of string concatenation with untrusted input

  • error
  • java
  • security
  • JPA
  • injection
  • SQL
  • OWASP Top 10
View details
Injection: XXE: Jaxb2Marshaller#setProcessExternalEntities set to true

Prevent XXE by disabling the processing of external entities

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Injection: XXE: Jaxb2Marshaller#setSupportDtd set to true

Prevent XXE by disabling DTDs

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Injection: XXE: Jaxb2RootElementHttpMessageConverter#setProcessExternalEntities set to true

Prevent XXE by disabling the processing of External Entities

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Injection: XXE: Jaxb2RootElementHttpMessageConverter#setSupportDtd set to true

Prevent XXE by disabling DTDs

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Injection: XXE: SourceHttpMessageConverter#setProcessExternalEntities set to true

Prevent XXE by disabling the processing of External Entities

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Injection: XXE: SourceHttpMessageConverter#setSupportDtd set to true

Prevent XXE by disabling DTDs

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Input Validation: Avoid Expression Language Injection: Do not evaluate expressions controlled by user input (javax)

Could lead to Expression Language Injection

  • error
  • java
  • expression language
  • security
  • injection
  • OWASP Top 10
View details
Input Validation: Avoid JDBC Injection: Bind variables in prepared statements: single parameter

Could lead to JDBC Injection

  • error
  • java
  • Spring
  • security
  • Spring Data
  • framework specific
  • injection
  • SQL
  • OWASP Top 10
View details
Input Validation: Avoid JDBC Injection: Bind variables in prepared statements: Two parameters

Could lead to JDBC Injection

  • error
  • java
  • Spring
  • security
  • Spring Data
  • framework specific
  • injection
  • SQL
  • OWASP Top 10
View details
Input Validation: Avoid Spring Expression Language Injection: Do not evaluate expressions controlled by user input (ExpressionParser)

Could lead to Spring Expression Language Injection

  • error
  • java
  • expression language
  • Spring
  • Spring Core
  • security
  • framework specific
  • injection
  • OWASP Top 10
View details
Input Validation: Avoid XXE: Use automatically protected source types

Could lead to XXE

  • error
  • java
  • Spring
  • security
  • XXE
  • framework specific
  • Spring XML
  • OWASP Top 10
View details
Insecure Data Storage: Store Sensitive Data in a Private Location (FileOutputStream constructor) in Activity

Do not store sensitive data in a public location

  • warning
  • java
  • security
  • framework specific
  • mobile
  • Android
View details
Insecure Data Storage: Store Sensitive Data in a Private Location (FileOutputStream constructor) in Fragment

Do not store sensitive data in a public location

  • warning
  • java
  • security
  • framework specific
  • mobile
  • Android
View details
Insecure Data Storage: Use SQLCipher Database (all other methods)

SQLite Databases are an insecure means of storage

  • warning
  • java
  • security
  • framework specific
  • mobile
  • Android
  • SQL
  • Android security set
View details
Insecure Data Storage: Use SQLCipher Database (creation)

SQLite Databases are an insecure means of storage

  • warning
  • java
  • security
  • framework specific
  • mobile
  • Android
  • SQL
  • Android security set
View details
Invalid comparison of String to number primitive

This comparison of a String to a number will always return false

  • error
  • java
  • Java basic
  • quality
View details
Invalid comparison of String to number wrapper

This comparison of a String to a number will always return false

  • error
  • java
  • Java basic
  • quality
View details
JUnit 4: assertEquals suspicious order of arguments (with message)

Suspicious argument values for 'expected' and 'actual'

  • warning
  • java
  • testing
  • framework specific
  • JUnit 4
  • quality