| CS.ABV.EXCEPT
|
IndexOutOfRange exception while accessing array element |
1 |
True |
| CS.ASSIGN.SELF
|
Assignment of expression to itself |
4 |
False |
| CS.AUTH.NOATTR
|
Possible missing authorization check |
4 |
False |
| CS.CMP.VAL.NULL
|
Possible comparing value type expression with 'null' |
4 |
False |
| CS.CONSTCOND.DO
|
'do' controlling expression is always true or always false |
4 |
True |
| CS.CONSTCOND.IF
|
'if' controlling expression is always true or always false |
4 |
True |
| CS.CONSTCOND.SWITCH
|
'switch' selector expression is constant |
4 |
True |
| CS.CONSTCOND.TERNARY
|
Controlling condition in conditional expression is always true or always false |
4 |
True |
| CS.CONSTCOND.WHILE
|
'while' controlling expression is always true or always false |
4 |
True |
| CS.CSRF.ATTR.NOATTR
|
AntiForgery attribute should be added to class or method. |
4 |
False |
| CS.CSRF.ATTR.POST
|
AntiForgery attribute should be added to class or method. |
2 |
False |
| CS.CSRF.VALIDATE
|
Validation of 'POST request data access' is not done. |
2 |
False |
| CS.CSRF.VSUK.CONSTASSIGN
|
A const string is assigned to property 'ViewStateUserKey'. |
3 |
False |
| CS.CSRF.VSUK.NOASSIGN
|
Property 'ViewStateUserKey' is not set. |
3 |
False |
| CS.CTOR.VIRTUAL
|
Virtual member call in constructor |
3 |
True |
| CS.DBZ.CONST
|
Division by a zero constant occurs |
1 |
False |
| CS.DBZ.CONST.CALL
|
The value '0' is passed to function that can use this value as divisor |
1 |
False |
| CS.DBZ.GENERAL
|
Division by zero might occur |
1 |
False |
| CS.DBZ.ITERATOR
|
Division by zero might occur in a loop iterator |
1 |
False |
| CS.EMPTY.CATCH
|
Empty catch clause |
4 |
True |
| CS.FLOAT.EQCHECK
|
Equality check on floating point type |
3 |
True |
| CS.FRACTION.LOSS
|
Possible loss of fraction |
4 |
True |
| CS.HCC
|
Use of hardcoded credentials |
2 |
True |
| CS.HCC.PWD
|
Use of a hardcoded password |
2 |
True |
| CS.HCC.USER
|
Use of a hardcoded user name |
2 |
True |
| CS.HIDDEN.MEMBER.LOCAL.CLASS
|
Member is hidden by a local variable |
3 |
True |
| CS.HIDDEN.MEMBER.LOCAL.STRUCT
|
Member is hidden by a local variable |
3 |
True |
| CS.HIDDEN.MEMBER.PARAM.CLASS
|
Member is hidden by a parameter |
3 |
True |
| CS.HIDDEN.MEMBER.PARAM.STRUCT
|
Member is hidden by a parameter |
3 |
True |
| CS.IFACE.EMPTY
|
Empty interface |
4 |
True |
| CS.INFORMATION_EXPOSURE.ALL
|
Potential information exposure |
4 |
False |
| CS.INFORMATION_EXPOSURE.ATTR
|
Potential security information exposure |
3 |
True |
| CS.LOCRET.ARG
|
Function returns address of local variable |
1 |
True |
| CS.LOCRET.GLOB
|
Function returns address of local variable |
1 |
True |
| CS.LOCRET.RET
|
Function returns address of local variable |
1 |
True |
| CS.LOOP.STR.CONCAT
|
String concatenation in a loop |
4 |
True |
| CS.NPS
|
No permissions set for resource before accessing it |
4 |
True |
| CS.NRE.CHECK.CALL.MIGHT
|
Reference may be passed to function that can dereference it after it was positively checked for null |
2 |
True |
| CS.NRE.CHECK.CALL.MUST
|
Reference will be passed to function that may dereference it after it was positively checked for null |
2 |
True |
| CS.NRE.CHECK.MIGHT
|
Reference may be dereferenced after it was positively checked for null |
2 |
True |
| CS.NRE.CHECK.MUST
|
Reference will be dereferenced after it was positively checked for null |
2 |
True |
| CS.NRE.CONST.CALL
|
Constant null is passed to function that can dereference it |
2 |
True |
| CS.NRE.CONST.DEREF
|
Constant null is dereferenced |
2 |
True |
| CS.NRE.FUNC.CALL.MIGHT
|
Result of function that may return null may be passed to another function that may dereference it |
2 |
True |
| CS.NRE.FUNC.CALL.MUST
|
Result of function that may return null will be passed to another function that may dereference it |
2 |
True |
| CS.NRE.FUNC.MIGHT
|
Result of function that can return null may be dereferenced |
2 |
True |
| CS.NRE.FUNC.MUST
|
Result of function that may return null will be dereferenced |
2 |
True |
| CS.NRE.GEN.CALL.MIGHT
|
Null reference may be passed to function that may dereference it |
1 |
True |
| CS.NRE.GEN.CALL.MUST
|
Null reference will be passed to function that may dereference it |
1 |
True |
| CS.NRE.GEN.MIGHT
|
Null reference may be dereferenced |
1 |
True |
| CS.NRE.GEN.MUST
|
Null reference will be dereferenced |
1 |
True |
| CS.OVRD.EQUALS
|
Overriding 'Equals' operator on a reference type |
4 |
False |
| CS.RCA
|
Risky cryptographic algorithm used |
4 |
False |
| CS.RESOURCE.AUTOBOXING
|
Autoboxing during operation inside a loop |
4 |
False |
| CS.RESOURCE.LOOP
|
Object Allocation inside a loop |
4 |
True |
| CS.RESOURCE.UNBOXING
|
Unboxing during operation inside a loop |
4 |
False |
| CS.RLK
|
Resource leak |
2 |
True |
| CS.RNRE
|
Suspicious dereference before null check |
2 |
True |
| CS.SQL.INJECT.LOCAL
|
SQL injection |
2 |
True |
| CS.SV.TAINTED.ALLOC_SIZE
|
Use of unvalidated integer in memory allocation |
2 |
True |
| CS.SV.TAINTED.BINOP
|
Use of unvalidated integer in binary operation |
3 |
False |
| CS.SV.TAINTED.CALL.BINOP
|
Use of unvalidated integer in binary operation |
3 |
False |
| CS.SV.TAINTED.CALL.GLOBAL
|
Use of unvalidated integer in an assignment operation |
3 |
False |
| CS.SV.TAINTED.CALL.INDEX_ACCESS
|
Use of unvalidated integer as array index by function call |
2 |
True |
| CS.SV.TAINTED.CALL.LOOP_BOUND
|
Use of unvalidated integer in loop condition through a function call |
2 |
True |
| CS.SV.TAINTED.CALL.LOOP_BOUND.RESOURCE
|
Resource allocation in a loop is controlled by tainted data |
2 |
True |
| CS.SV.TAINTED.DESERIALIZATION
|
Use of unvalidated integer during deserialization in object creation |
3 |
False |
| CS.SV.TAINTED.DLLPRELOAD
|
Use of unvalidated string to load a DLL |
2 |
False |
| CS.SV.TAINTED.FMTSTR
|
Use of unvalidated data in a format string |
1 |
True |
| CS.SV.TAINTED.GLOBAL
|
Use of Unvalidated Integer in an Assignment Operation |
3 |
False |
| CS.SV.TAINTED.INDEX_ACCESS
|
Use of unvalidated integer as array index |
1 |
True |
| CS.SV.TAINTED.INJECTION
|
C# command injection |
3 |
True |
| CS.SV.TAINTED.LOOP_BOUND
|
Use of unvalidated integer in loop condition |
2 |
True |
| CS.SV.TAINTED.LOOP_BOUND.RESOURCE
|
Resource allocation in a loop controlled by tainted data |
2 |
True |
| CS.SV.TAINTED.PATH_TRAVERSAL
|
Use of unvalidated data in a path traversal |
1 |
True |
| CS.SV.USAGERULES.PERMISSIONS
|
Use of Privilege Elevation |
4 |
False |
| CS.UFR
|
Using freed resource |
2 |
False |
| CS.UNCHECKED.CAST
|
Object with type 'Object' is incorrectly cast to another object |
2 |
False |
| CS.UNCHECKED.LOOPITER.CAST
|
Object with type 'Object' is incorrectly cast to another object in a loop |
2 |
False |
| CS.UNSAFE.DLLPRELOAD
|
Use of Attribute to Load a DLL |
2 |
False |
| CS.UNSAFE.SEARCH_PATH
|
Use of search path to resolve absolute Path |
2 |
False |
| CS.WRONG.CAST
|
Object is incorrectly cast to another object |
2 |
False |
| CS.WRONG.CAST.MIGHT
|
Object may be incorrectly cast to another object |
2 |
False |
| CS.WRONGSIG.CMPTO
|
Wrong signature of 'CompareTo' method |
4 |
False |
| CS.WRONGUSE.REFEQ
|
Improper usage of Object.ReferenceEquals |
4 |
True |
| CS.X509.REVOCATION
|
Certificate revocation list check is disabled. |
2 |
False |
| CS.X509.VALIDATION
|
Validation of input is not done using AntiForgery.Validate |
2 |
False |
| CS.XSS.PERSIST
|
Cross-site Scripting Persisting Vulnerability |
2 |
False |
| CS.XSS.REFLECT
|
Cross-site Scripting Reflecting Vulnerability |
2 |
False |
| CS.XXE.DOCUMENT
|
Possible XML External Entity (XXE) Attack |
3 |
False |
| CS.XXE.READER
|
Possible XML External Entity (XXE) Attack |
3 |
False |
| CS.XXE.TEXT_READER
|
Possible XML External Entity (XXE) Attack |
3 |
False |
