Vulnerability
Code Rules in Vulnerability category
Category | Severity | Name | Description |
---|---|---|---|
|
|
|
AES encryption algorithm should be used with secured mode |
|
|
|
SHA-1 and Message-Digest hash algorithms should not be used in secure contexts |
|
|
|
Database queries should not be vulnerable to injection attacks |
|
|
|
DES Crypting should not be used |
|
|
|
Encryption algorithms should be used with secure mode and padding scheme |
|
|
|
Cryptographic keys should be robust |
|
|
|
Encryption keys should not be hardcoded |
|
|
|
Hard coded IP address should not be used |
|
|
|
Console logging should not be used |
|
|
|
CoSetProxyBlanket and CoInitializeSecurity should not be used |
|
|
|
OS commands should not be vulnerable to injection attacks |
|
|
|
Regular expressions should not be vulnerable to Denial of Service attacks |
|
|
|
SOAP and INET PowerBuilder objects do not support use of TLS 1.2 and that makes it vulnerable to attacks |
|
|
|
OLE Web Browser not secured |
|
|
|
Hard coded UserId / Password for database connection should not be used |
|
|
|
I/O function calls should not be vulnerable to path injection attacks |