The exponential development in the field of Information Technology has led to the enormous increase in financial, personal and statistical data which, if compromised, can cause irreparable loss. Hackers exploit the vulnerabilities in the application code to use this data to their advantage. One of the best ways to identify the exploits in any software application is to use static analysis. This paper addresses some well- known vulnerabilities found in the C and C++ programs that can be used by an attacker to conduct malicious actions and, the paper also details about statically analyzing the vulnerabilities in the C/C++ code.