Most of the time when we analyze a software, we search the man page for usage of certain API and sometimes about the pattern of the code. Over a period of time you create a set of patterns in your mind. Sometimes we can learn that patterns from few Secure Coding standards websites. They give example on how not to write. This is the other way of learning to find the bugs. Here is the list of Secure Coding Standards links that I could able to find. If you have any more, please add it in the comment.
CERT Oracle Secure Coding standard for Java
http://www.viva64.com/en/a/0065/ (A Collection of Examples of 64-bit Errors in Real Programs)
http://www.viva64.com/en/a/0042/ (Seven Steps of Migrating a Program to a 64-bit System)
http://www.viva64.com/en/l/ (Lessons on development of 64-bit C/C++ applications)
http://www.oracle.com/technetwork/java/seccodeguide-139067.html (Secure Coding Guidelines for the Java Programming Language, Version 4.0)
Apple’s Secure Coding standard
Klocwork’s CERT C and C++ Secure Coding Standard