| Broken authentication |
| Buffer overlap |
| Constant expression result |
| Directory traversal |
| Disable character escaping |
| Divided by zero |
| File disclosure |
| Format string manipulation |
| Improper certificate validation |
| Improper input validation |
| Improper privilege management |
| Information exposure |
| Insecure cookie |
| Insecure HTTP security header |
| Insecure library |
| Insecure network configuration |
| Insecure session |
| Insecure SSL/TLS |
| Integer overflow |
| Invalid address assign |
| Invalid class instantiation |
| Invalid file handling |
| Invalid iterator operation |
| Invalid memory allocation |
| Invalid memory deallocation |
| Invalid parameter |
| Invalid parameter type |
| Invalid pipe operation |
| Invalid shift operation |
| Invalid variable type |
| Memory leak |
| Missing initialization |
| Missing return statement |
| Null pointer dereference |
| Out of bounds |
| Out of variable scope |
| Potential buffer overflow |
| Potential command injection |
| Potential CRLF Injection |
| Potential CSRF(Cross Site Request Forgery) |
| Potential JS Security Warning ($sce.trustAsCss) |
| Potential JS Security Warning ($sce.trustAsHtml) |
| Potential JS Security Warning ($sce.trustAsJs) |
| Potential JS Security Warning ($sce.trustAsResourceUrl) |
| Potential JS Security Warning ($sce.trustAsUrl) |
| Potential JS Security Warning ($sceDelegate.trustAs($sce.CSS, ..)) |
| Potential JS Security Warning ($sceDelegate.trustAs($sce.HTML, ..)) |
| Potential JS Security Warning ($sceDelegate.trustAs($sce.JS, ..)) |
| Potential JS Security Warning ($sceDelegate.trustAs($sce.RESOURCE_URL, ..)) |
| Potential JS Security Warning ($sceDelegate.trustAs($sce.URL, ..)) |
| Potential JS Security Warning (bypassSecurityTrustHtml) |
| Potential JS Security Warning (bypassSecurityTrustResourceUrl) |
| Potential JS Security Warning (bypassSecurityTrustScript) |
| Potential JS Security Warning (bypassSecurityTrustStyle) |
| Potential JS Security Warning (bypassSecurityTrustUrl) |
| Potential JS Security Warning (dangerouslySetInnerHTML) |
| Potential JS Security Warning (development.js) |
| Potential JS Security Warning (eval()) |
| Potential JS Security Warning (react-dom.development.js) |
| Potential JS Security Warning (window.localStorage) |
| Potential LDAP Injection |
| Potential misuse of string operation |
| Potential SQL Injection |
| Potential SSI(Server-side inclusion) Injection |
| Potential SSRF(Server-side Request Forgery) |
| Potential Xpath Injection |
| Potential XSLT(eXtensible Stylesheet Language Transformations) Injection |
| Potential XSS(Cross-Site Scripting) |
| Potential XSS(v-html) |
| Potential XXE(XML External Entity) Injection |
| Self Assignment |
| Send cleartext of sensitive data |
| Tabnabbing |
| Use after free |
| Use after moved |
| Use of implicit intent |
| Use of insufficiently random value |
| Use of self-signed certificate |
| Use of vulnerable API |
| Use of vulnerable crypto algorithm |
| Use of vulnerable crypto parameter |
| Variable arguments misuse |
| Zip slip |
| Bad performance (Scala) |
| Broken capsulation (Scala) |
| Compare with unrelated type (Scala) |
| Constant expression result (Scala) |
| Dead code (Scala) |
| Duplication of import (Scala) |
| Fianl modifier on case (Scala) |
| Improper compare (Scala) |
| Improper empty check (Scala) |
| Improper serialize String (Scala) |
| Inaccurate calculation result (Scala) |
| Incorrect format string (Scala) |
| Incorrect input parameter (Scala) |
| Invalid regular expression (Scala) |
| Omitting finalize of superclass (Scala) |
| Omitting interpolation prefix (Scala) |
| Out of bounds (Scala) |
| Pointless type bounds (Scala) |
| Potential misuse of operation (Scala) |
| Potential throw exception (Scala) |
| Redundant feature (Scala) |
| Repeated case body (Scala) |
| Scala bad practice (Scala) |
| Scala duplicated map key (Scala) |
| Scala duplicated set value (Scala) |
| Scala var closure (Scala) |
| Swallowed exception (Scala) |
| Type shadowing (Scala) |
| Type unsafe (Scala) |
| Unintended use of property (Scala) |
| Unnecessary type conversion (Scala) |
| Unsafe traversable method (Scala) |
| Unused parameter (Scala) |
| Use of deprecated API (Scala) |
| Use of JavaConversions (Scala) |
| Use of null (Scala) |
| Use StripMargin on regular expression (Scala) |
| Variable shadowing (Scala) |
