Swift
Available solutions
- Authentication mechanism absence or evasion
- Cross-site request forgery
- Use of software with known vulnerabilities
- Insecure object reference
- Insecure functionality
- Insecure authentication method - Basic
- Insecure encryption algorithm - SSL/TLS
- Sensitive information sent insecurely
- Administrative credentials stored in cache memory
- Non-encrypted confidential information
- Use of an insecure channel
- User enumeration
- Insecure temporary files
- Insecure generation of random numbers
- Business information leak
- Insecure encryption algorithm
- Insecure service configuration - Host verification
- Technical information leak - Console functions
- Improper resource allocation
- Insecure session expiration time
- Weak CAPTCHA
- Insecure session management
- Log injection
- Insecure encryption algorithm - Anonymous cipher suites
- Insecure encryption algorithm - Cipher Block Chaining
- Insecure deserialization
- Improper type assignation
- Security controls bypass or absence
- Unverifiable files
- Metadata with sensitive information
- Race condition
- Lack of isolation methods
- Inappropriate coding practices
- Insecure exceptions - Empty or no catch
- Sensitive information in source code - API Key
- Inappropriate coding practices - Cyclomatic complexity
- Insecure encryption algorithm - SSLContext
- Uncontrolled external site redirect
- Insecure service configuration - App Backup
- Insecure service configuration - Backup
- Debugging enabled in production
- Lack of data validation
- Lack of data validation - Responses
- Lack of data validation - Input Length
- Lack of data validation - Numbers
- Lack of data validation - Emails
- Unauthorized access to files
- Insufficient data authenticity validation
- Security controls bypass or absence - Facial Recognition
- Incomplete functional code
- Technical information leak - Print Functions
- Authentication mechanism absence or evasion - OTP
- Insecure encryption algorithm - SHA1
- Insecure encryption algorithm - AES
- Insecure service configuration - Webview
- Insecure encryption algorithm - Blowfish
- Insecure functionality - File Creation
- Insecure functionality - Password management
- Insecure functionality - Fingerprint
- Non-encrypted confidential information - Local data
- Non-encrypted confidential information - Base 64
- Insecure service configuration - App Transport Security
- Authentication mechanism absence or evasion - Redirect
- Unauthorized access to screen
- Improper resource allocation - Memory leak
- Use of insecure channel - Source code
- Lack of data validation - Special Characters
- Security controls bypass or absence - Session Invalidation
- Excessive privileges - Mobile App
- Sensitive information in source code - Credentials
- Authentication mechanism absence or evasion - Security Image
- Non-encrypted confidential information - Hexadecimal
- Inappropriate coding practices - Unnecessary imports
- Insufficient data authenticity validation - Front bypass
- Inappropriate coding practices - Unused properties
- Use of software with known vulnerabilities in development
- Insecure generation of random numbers - Static IV
- Insecure encryption algorithm - Insecure Elliptic Curve
- Inappropriate coding practices - invalid file
- Use of software with known vulnerabilities in environments