Issue Types
- Address score-impacting CVEs in your Scorecard
- Issue resolution and parked domains
- Potential Vulnerability Detected
- November 2022 OpenSSL 3.X vulnerability detected
- Domain advertised as ransomware victim
- Learn about decayed issue findings
- Algorithms currently flagged in Certificate signed with weak algorithm issue type
- Why did SecurityScorecard not find a CVE issue for my software or service?
- Are information leak findings resolved if the leak source is seized by the FBI?
- Content security policy contains broad directives
- Web application potentially vulnerable to Spring4Shell
- Ransomware infection detected
- Low-, medium-, and high-severity patching cadences analyzed
- Vulnerable Log4j issue types
- FAQ about the Log4j vulnerability
- Website uses GoDaddy TLS certificates
- Website hosted by GoDaddy's Wordpress
- Download more than 500 findings per issue
- Separate your outbound NAT to prevent issues with guest wireless traffic
- Exposed Personal Information
- Resolving Malware Findings
- Issue Resolution for Exposed Subdomain
- Website Does Not Implement HSTS Best Practices
- Why are Issue findings duplicated?
- Insecure HTTPS redirect pattern
- Issues reported belong to assets not owned by our organization (misattribution)
- How to validate a Content Security Policy (CSP)
- Session cookie missing 'HttpOnly' flag
- Session cookie missing 'Secure' attribute
- Attack detected