Common Software Insecure Design

1. Improper implementation of least privilege
2. Software fails insecurely
3. Authentication mechanisms are easily bypassed
4. Security through obscurity
5. Improper error handling
6. Weak input validation