The SANS institute has published a list of the top 25 most dangerous programming errors. Not only is this a must-read, but it is critical for architects, developers and testers, of all stripes, to be aware of these programming errors. Unless and until we have platforms that simply prevent these errors, we can combat these security gaps best through education, careful testing, and responsible project delivery practices.
How familiar are you with these mistakes?
Would you be able to spot them in code you reviewed?
Would you be able to prevent them in your own code?