The test cases shows hard-coded passwords is used in a loop.

The test cases shows hard-coded password is used in a function.

The test cases shows hard-coded passwords is used.

Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system.

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack. In the case of C++, misusing container vector could also cause stack overflow.

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack. In the case of C++, misusing container vector could also cause stack overflow.

A software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) should examine the input before its use.

A software system that accepts and executes input in the form of operating system commands (e.g. system()) could allow an attacker with lesser privileges than the target software to execute commands with the elevated privileges of the executing process.

A software system that accepts and executes input in the form of operating system commands (e.g. system()) could allow an attacker with lesser privileges than the target software to execute commands with the elevated privileges of the executing process.

A software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) should examine the input before its use.

A software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) could allow an attacker with lesser privileges than the target software to execute commands with the elevated privileges of the executing process.

A software system that accepts and executes input in the form of operating system commands (e.g. system()) could allow an attacker with lesser privileges than the target software to execute commands with the elevated privileges of the executing process.

A software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) should examine the input before its use.

A software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) could allow an attacker with lesser privileges than the target software to execute commands with the elevated privileges of the executing process.

Allowing user input to control resource identifiers may enable an attacker to access or modify otherwise protected system resources.

Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system.

Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system.

Allowing user input to control resource identifiers may enable an attacker to access or modify otherwise protected system resources.

Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system.

Allowing user input to control resource identifiers may enable an attacker to access or modify otherwise protected system resources.

The test case shows a resource injection.

Null Dereference in a Index Alias complexity

Null Dereference in a Index Alias complexity

The pointer p is dereferenced even though the value is null.

The pointer p is dereferenced even though the value is null.