|
Synchronous Access of Remote Resource without Timeout
|
0/100 |
low-risk
|
|
Use of Object without Invoking Destructor Method
|
0/100 |
low-risk
|
|
ASP.NET Misconfiguration: Creating Debug Binary
|
0/100 |
low-risk
|
|
Insufficient Isolation of System-Dependent Functions
|
0/100 |
low-risk
|
|
Reliance on Machine-Dependent Data Representation
|
0/100 |
low-risk
|
|
Use of Platform-Dependent Third Party Components
|
0/100 |
low-risk
|
|
Use of Unmaintained Third Party Components
|
0/100 |
low-risk
|
|
Insufficient Use of Symbolic Constants
|
0/100 |
low-risk
|
|
Insufficient Isolation of Symbolic Constant Definitions
|
0/100 |
low-risk
|
|
Excessive Reliance on Global Variables
|
0/100 |
low-risk
|
|
Direct Use of Unsafe JNI
|
0/100 |
low-risk
|
|
Incomplete Documentation of Program Execution
|
0/100 |
low-risk
|
|
Inappropriate Comment Style
|
0/100 |
low-risk
|
|
Inaccurate Source Code Comments
|
0/100 |
low-risk
|
|
Insufficient Documentation of Error Handling Techniques
|
0/100 |
low-risk
|
|
Excessive Use of Unconditional Branching
|
0/100 |
low-risk
|
|
Excessive Attack Surface
|
0/100 |
low-risk
|
|
Misinterpretation of Input
|
0/100 |
low-risk
|
|
Irrelevant Code
|
0/100 |
low-risk
|
|
Improper Output Neutralization for Logs
|
0/100 |
low-risk
|
|
Improper Use of Validation Framework
|
0/100 |
low-risk
|
|
ASP.NET Misconfiguration: Improper Model Validation
|
0/100 |
low-risk
|
|
Inefficient CPU Computation
|
0/100 |
low-risk
|
|
Incorrect Access of Indexable Resource ('Range Error')
|
0/100 |
low-risk
|
|
DEPRECATED: Use of Uninitialized Resource
|
0/100 |
low-risk
|
|
Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
|
0/100 |
low-risk
|
|
DMA Device Enabled Too Early in Boot Phase
|
0/100 |
low-risk
|
|
On-Chip Debug and Test Interface With Improper Access Control
|
0/100 |
low-risk
|
|
ASP.NET Misconfiguration: Missing Custom Error Page
|
0/100 |
low-risk
|
|
Generation of Weak Initialization Vector (IV)
|
0/100 |
low-risk
|
|
Incorrect Register Defaults or Module Parameters
|
0/100 |
low-risk
|
|
Insufficient Granularity of Address Regions Protected by Register Locks
|
0/100 |
low-risk
|
|
Race Condition for Write-Once Attributes
|
0/100 |
low-risk
|
|
Improper Restriction of Write-Once Bit Fields
|
0/100 |
low-risk
|
|
Exposure of Sensitive Information Through Metadata
|
0/100 |
low-risk
|
|
Improper Prevention of Lock Bit Modification
|
0/100 |
low-risk
|
|
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
|
0/100 |
low-risk
|
|
Hardware Internal or Debug Modes Allow Override of Locks
|
0/100 |
low-risk
|
|
Use of a Cryptographic Primitive with a Risky Implementation
|
0/100 |
low-risk
|
|
Use of Predictable Algorithm in Random Number Generator
|
0/100 |
low-risk
|
|
Inclusion of Undocumented Features or Chicken Bits
|
0/100 |
low-risk
|
|
Internal Asset Exposed to Unsafe Debug Access Level or State
|
0/100 |
low-risk
|
|
Improper Finite State Machines (FSMs) in Hardware Logic
|
0/100 |
low-risk
|
|
Improper Write Handling in Limited-write Non-Volatile Memories
|
0/100 |
low-risk
|
|
Improper Protection Against Voltage and Clock Glitches
|
0/100 |
low-risk
|
|
Improper Preservation of Consistency Between Independent Representations of Shared State
|
0/100 |
low-risk
|
|
Mirrored Regions with Different Values
|
0/100 |
low-risk
|
|
Incorrect Selection of Fuse Values
|
0/100 |
low-risk
|
|
Incorrect Comparison Logic Granularity
|
0/100 |
low-risk
|
|
Comparison Logic is Vulnerable to Power Side-Channel Attacks
|
0/100 |
low-risk
|
|
Improper Restriction of Software Interfaces to Hardware Features
|
0/100 |
low-risk
|
|
Improper Access Control Applied to Mirrored or Aliased Memory Regions
|
0/100 |
low-risk
|
|
Exposure of Sensitive System Information Due to Uncleared Debug Information
|
0/100 |
low-risk
|
|
Improper Handling of Overlap Between Protected Memory Ranges
|
0/100 |
low-risk
|
|
Improper Access Control for Register Interface
|
0/100 |
low-risk
|
|
Improper Physical Access Control
|
0/100 |
low-risk
|
|
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
|
0/100 |
low-risk
|
|
Unintended Reentrant Invocation of Non-reentrant Code Via Nested Calls
|
0/100 |
low-risk
|
|
Product Released in Non-Release Configuration
|
0/100 |
low-risk
|
|
Buffer Under-read
|
0/100 |
low-risk
|
|
Generation of Incorrect Security Tokens
|
0/100 |
low-risk
|
|
Sensitive Information Uncleared Before Debug/Power State Transition
|
0/100 |
low-risk
|
|
Improper Access Control for Volatile Memory Containing Boot Code
|
0/100 |
low-risk
|
|
Sensitive Cookie with Improper SameSite Attribute
|
0/100 |
low-risk
|
|
Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
|
0/100 |
low-risk
|
|
Cryptographic Operations are run Before Supporting Units are Ready
|
0/100 |
low-risk
|
|
Wrap-around Error
|
0/100 |
low-risk
|
|
Sequence of Processor Instructions Leads to Unexpected Behavior
|
0/100 |
low-risk
|
|
Assumed-Immutable Data is Stored in Writable Memory
|
0/100 |
low-risk
|
|
Mutable Attestation or Measurement Reporting Data
|
0/100 |
low-risk
|
|
Improper Validation of Specified Index, Position, or Offset in Input
|
0/100 |
low-risk
|
|
Improper Validation of Consistency within Input
|
0/100 |
low-risk
|
|
Improper Validation of Unsafe Equivalence in Input
|
0/100 |
low-risk
|
|
Public Key Re-Use for Signing both Debug and Production Code
|
0/100 |
low-risk
|
|
Debug Messages Revealing Unnecessary Information
|
0/100 |
low-risk
|
|
Hardware Logic Contains Race Conditions
|
0/100 |
low-risk
|
|
Missing Protection Mechanism for Alternate Hardware Interface
|
0/100 |
low-risk
|
|
Improper Handling of Length Parameter Inconsistency
|
0/100 |
low-risk
|
|
Improper Protection of Physical Side Channels
|
0/100 |
low-risk
|
|
Insufficient or Incomplete Data Removal within Hardware Component
|
0/100 |
low-risk
|
|
Non-Transparent Sharing of Microarchitectural Resources
|
0/100 |
low-risk
|
|
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation
|
0/100 |
low-risk
|
|
Missing Ability to Patch ROM Code
|
0/100 |
low-risk
|
|
Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
|
0/100 |
low-risk
|
|
Hardware Allows Activation of Test or Debug Logic at Runtime
|
0/100 |
low-risk
|
|
Missing Write Protection for Parametric Data Values
|
0/100 |
low-risk
|
|
Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
|
0/100 |
low-risk
|
|
Improper Protection against Electromagnetic Fault Injection (EM-FI)
|
0/100 |
low-risk
|
|
Improper Protection for Outbound Error Messages and Alert Signals
|
0/100 |
low-risk
|
|
Improper Management of Sensitive Trace Data
|
0/100 |
low-risk
|
|
Improperly Controlled Sequential Memory Allocation
|
0/100 |
low-risk
|
|
Missing Immutable Root of Trust in Hardware
|
0/100 |
low-risk
|
|
Security Version Number Mutable to Older Versions
|
0/100 |
low-risk
|
|
Reliance on Component That is Not Updateable
|
0/100 |
low-risk
|
|
Improper Handling of Faults that Lead to Instruction Skips
|
0/100 |
low-risk
|
|
Inefficient Regular Expression Complexity
|
0/100 |
low-risk
|
|
Unauthorized Error Injection Can Degrade Hardware Redundancy
|
0/100 |
low-risk
|
|
Information Exposure through Microarchitectural State after Transient Execution
|
0/100 |
low-risk
|
|
Incorrect Calculation of Multi-Byte String Length
|
0/100 |
low-risk
|
|
Reliance on Insufficiently Trustworthy Component
|
0/100 |
low-risk
|