Detected presence of software components without a declared source code repository. (x1)

Detected presence of software components that are rarely included by other public software packages. (x1)

Detected presence of files with behaviors commonly used by malicious software. (x1)

Detected Windows executable files that were compiled without following the recommended SDL process. (x2)

Detected Windows shared library files that do not suppress exports which reduces CFG vulnerability mitigation protection effectiveness. (x2)

Detected Windows executable files that might not cover all statically linked libraries with CFG vulnerability mitigation protection. (x2)

Detected presence of software components that can access user identity information. (x2)

Detected presence of commonly distributed sensitive data. (x2)

Detected digital signatures that have not been performed with an extended validation certificate. (x52)

Detected digital signatures that rely on a weak digest algorithm for integrity validation. (x7)