CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 11 Control flow: if(globalRetu...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 10 Control flow: if(globalTrue...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 09 Control flow: if(GLOBAL_CON...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 08 Control flow: if(staticRetu...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 07 Control flow: if(staticFive...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 06 Control flow: if(STATIC_CON...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 05 Control flow: if(staticTrue...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 04 Control flow: if(STATIC_CON...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 03 Control flow: if(5==5) and ...

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 02 Control flow: if(1) and if(0)

CWE: 272 Least Privilege Violation Sinks: CreateProcessAsUser GoodSink: Create a process using CreateProcessAsUserA() with quotes for the executable path BadSink : Create a process using CreateProcessAsUserA() without quotes for the executable path Flow Variant: 01 Baseline

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 84 Data flow: data passed to class constructor and destructor by declaring the class object on the h...

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 83 Data flow: data passed to class constructor and destructor by declaring the class object on the s...

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console BadSink : Authenticate the user using LogonUserW() Flow Variant: 82 Data flow: data passed in a parameter to an virtual method called via a pointer

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 81 Data flow: data passed in a parameter to an virtual method called via a reference

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 74 Data flow: data passed in a map from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 73 Data flow: data passed in a list from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 72 Data flow: data passed in a vector from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sink: BadSink : Authenticate the user using LogonUserW() Flow Variant: 68 Data flow: data passed as a global variable from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 67 Data flow: data passed in a struct from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 66 Data flow: data passed in an array from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 65 Data/control flow: data passed as an argument from one function to a function in a different sour...

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 64 Data flow: void pointer to data passed from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 63 Data flow: pointer to data passed from one function to another in different source files

CWE: 259 Use of Hard-coded Password BadSource: Use a hardcoded password GoodSource: Read the password from the console Sinks: BadSink : Authenticate the user using LogonUserW() Flow Variant: 62 Data flow: data flows using a C++ reference from one function to another in different source files