Swift

Available solutions

  1. Authentication mechanism absence or evasion
  2. Cross-site request forgery
  3. Use of software with known vulnerabilities
  4. Insecure object reference
  5. Insecure functionality
  6. Insecure authentication method - Basic
  7. Insecure encryption algorithm - SSL/TLS
  8. Sensitive information sent insecurely
  9. Administrative credentials stored in cache memory
  10. Non-encrypted confidential information
  11. Use of an insecure channel
  12. User enumeration
  13. Insecure temporary files
  14. Insecure generation of random numbers
  15. Business information leak
  16. Insecure encryption algorithm
  17. Insecure service configuration - Host verification
  18. Technical information leak - Console functions
  19. Improper resource allocation
  20. Insecure session expiration time
  21. Weak CAPTCHA
  22. Insecure session management
  23. Log injection
  24. Insecure encryption algorithm - Anonymous cipher suites
  25. Insecure encryption algorithm - Cipher Block Chaining
  26. Insecure deserialization
  27. Improper type assignation
  28. Security controls bypass or absence
  29. Unverifiable files
  30. Metadata with sensitive information
  31. Race condition
  32. Lack of isolation methods
  33. Inappropriate coding practices
  34. Insecure exceptions - Empty or no catch
  35. Sensitive information in source code - API Key
  36. Inappropriate coding practices - Cyclomatic complexity
  37. Insecure encryption algorithm - SSLContext
  38. Uncontrolled external site redirect
  39. Insecure service configuration - App Backup
  40. Insecure service configuration - Backup
  41. Debugging enabled in production
  42. Lack of data validation
  43. Lack of data validation - Responses
  44. Lack of data validation - Input Length
  45. Lack of data validation - Numbers
  46. Lack of data validation - Emails
  47. Unauthorized access to files
  48. Insufficient data authenticity validation
  49. Security controls bypass or absence - Facial Recognition
  50. Incomplete functional code
  51. Technical information leak - Print Functions
  52. Authentication mechanism absence or evasion - OTP
  53. Insecure encryption algorithm - SHA1
  54. Insecure encryption algorithm - AES
  55. Insecure service configuration - Webview
  56. Insecure encryption algorithm - Blowfish
  57. Insecure functionality - File Creation
  58. Insecure functionality - Password management
  59. Insecure functionality - Fingerprint
  60. Non-encrypted confidential information - Local data
  61. Non-encrypted confidential information - Base 64
  62. Insecure service configuration - App Transport Security
  63. Authentication mechanism absence or evasion - Redirect
  64. Unauthorized access to screen
  65. Improper resource allocation - Memory leak
  66. Use of insecure channel - Source code
  67. Lack of data validation - Special Characters
  68. Security controls bypass or absence - Session Invalidation
  69. Excessive privileges - Mobile App
  70. Sensitive information in source code - Credentials
  71. Authentication mechanism absence or evasion - Security Image
  72. Non-encrypted confidential information - Hexadecimal
  73. Inappropriate coding practices - Unnecessary imports
  74. Insufficient data authenticity validation - Front bypass
  75. Inappropriate coding practices - Unused properties
  76. Use of software with known vulnerabilities in development
  77. Insecure generation of random numbers - Static IV
  78. Insecure encryption algorithm - Insecure Elliptic Curve
  79. Inappropriate coding practices - Invalid file
  80. Use of software with known vulnerabilities in environments