Explore
1-10 of 10
Configuration - User Interface: Avoid Tapjacking: Add filterTouchesWhenObscured
Not setting filterTouchesWhenObscured to true allows adversaries to hijack users' taps.
- warning
- xml
- security
- framework specific
- mobile
- Android
Configuration - User Interface: Avoid Tapjacking: Enable filterTouchesWhenObscured
Setting filterTouchesWhenObscured to false allows adversaries to hijack users' taps.
- warning
- xml
- security
- mobile
- framework specific
- Android
Hibernate: Missing transport-level security: No SSL for database connection
Use transport level security to connect to the database
- warning
- xml
- database
- security
- Hibernate
- framework specific
- OWASP Top 10
- TLS
Manifest Best Practices: Activity: launch mode should not be set
Launch mode should not be set for private activities
- warning
- xml
- security
- framework specific
- mobile
- Android
Manifest Best Practices: Activity: task affinity should not be set
Task affinity should not be set for private activities
- warning
- xml
- security
- framework specific
- mobile
- Android
Manifest best practices: Disable Backups
Enabling backups could lead to undesired manipulation
- error
- xml
- security
- framework specific
- mobile
- Android
Manifest best practices: disable cleartext traffic
When android:usesCleartextTraffic="true" is set the application will allow clear text traffic which could lead to data leakage
- error
- xml
- security
- framework specific
- mobile
- Android
Manifest best practices: explicit exported components
When android:exported is set to true any application will be able to call this component.
- error
- xml
- security
- framework specific
- mobile
- Android
Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105
Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105
- error
- xml
- Apache Maven
- Log4j
- OWASP Top 10
- SLF4J
- basic protection set
- framework specific
- injection
- logging
- security
Vulnerable Log4j version property - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105
Vulnerable Log4j version property - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105
- error
- xml
- Apache Maven
- Log4j
- OWASP Top 10
- SLF4J
- basic protection set
- framework specific
- injection
- logging
- security