| DB2X-00-005900 - DB2 must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-006000 - DB2 and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-006100 - DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization. | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled. | DISA IIS 10.0 Site v2r11 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled. | DISA IIS 10.0 Server v3r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-000490 - MongoDB must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-000500 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD7X-00-005800 MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-017900 - Oracle Database must check the validity of data inputs. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-018000 - The database management system (DBMS) and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-018100 - The database management system (DBMS) and associated applications, when making use of dynamic code execution, must take steps against invalid values that may be used in a SQL injection attack, therefore resulting in steps to prevent a SQL injection attack. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O112-C2-019500 - The DBMS must check the validity of data inputs. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O121-C2-019500 - The DBMS must check the validity of data inputs. | DISA STIG Oracle 12c v3r2 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-001800 - PostgreSQL must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-001900 - PostgreSQL and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-002000 - PostgreSQL and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-022500 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031500 - The DBMS and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031600 - The DBMS and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL6-D0-002100 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-70-000021 - vSphere UI must set URIEncoding to UTF-8. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WDNS-SI-000001 - The Windows 2012 DNS Server must be configured to only allow zone information that reflects the environment for which it is authoritative, to include IP ranges and IP versions. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
