Not setting filterTouchesWhenObscured to true allows adversaries to hijack users' taps.

• warning
• xml
• security
• framework specific
• mobile
• Android

Setting filterTouchesWhenObscured to false allows adversaries to hijack users' taps.

• warning
• xml
• security
• mobile
• framework specific
• Android

Use transport level security to connect to the database

• warning
• xml
• database
• security
• Hibernate
• framework specific
• OWASP Top 10
• TLS

Launch mode should not be set for private activities

• warning
• xml
• security
• framework specific
• mobile
• Android

Task affinity should not be set for private activities

• warning
• xml
• security
• framework specific
• mobile
• Android

Enabling backups could lead to undesired manipulation

• error
• xml
• security
• framework specific
• mobile
• Android

When android:usesCleartextTraffic="true" is set the application will allow clear text traffic which could lead to data leakage

• error
• xml
• security
• framework specific
• mobile
• Android

When android:exported is set to true any application will be able to call this component.

• error
• xml
• security
• framework specific
• mobile
• Android

Vulnerable Log4j dependency - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

• error
• xml
• Apache Maven
• Log4j
• OWASP Top 10
• SLF4J
• basic protection set
• framework specific
• injection
• logging
• security

Vulnerable Log4j version property - Log4Shell/CVE-2021-44228/CVE-2021-45046/CVE-2021-45105

• error
• xml
• Apache Maven
• Log4j
• OWASP Top 10
• SLF4J
• basic protection set
• framework specific
• injection
• logging
• security