Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking β€œSign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

19 Open 66 Closed
19 Open 66 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€
codeql-go: Expand Go standard library taint-tracking models to 63 packages, 554 models and 733 tests (from ~13 packages, ~103 models, ~50 tests) All For One
#187 opened Sep 24, 2020 by gagliardetto 1 of 1
2
Server Side Template Injection lead to RCE ASP.NET RazorEngine All For One
#182 opened Sep 22, 2020 by cldrn 0 of 1
Java: QL Query Detector for JHipster Generated CVE-2019-16303 All For One
#180 opened Sep 21, 2020 by JLLeitschuh 1 of 1
[javascript] CWE-90: CodeQL to detect LDAP Injection All For One
#170 opened Sep 3, 2020 by dellalibera 1 of 1
2
[javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set All For One
#169 opened Aug 29, 2020 by dellalibera 1 of 1
[Java] CWE-117: CodeQL query to detect Log Injection All For One
#144 opened Jul 2, 2020 by dellalibera 1 of 1
Java: CWE-600 Uncaught servlet exception All For One
#143 opened Jun 29, 2020 by luchua-bc 1 of 1
Java: Detect remote source from Android intent extra All For One
#140 opened Jun 25, 2020 by luchua-bc 1 of 1
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data The Bug Slayer
#137 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
1
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data All For One
#136 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
Java: CWE-918 - Server Side Request Forgery (SSRF) All For One
#126 opened Jun 15, 2020 by luchua-bc 1 of 1
4
Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks All For One
#124 opened Jun 12, 2020 by luchua-bc 1 of 1
2
Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc All For One
#119 opened Jun 10, 2020 by haby0
2
[Java] CWE-295 - Incorrect Hostname Verification - MitM The Bug Slayer
#108 opened May 27, 2020 by intrigus-lgtm 1 of 1
5
Java : Add query to detect Server Side Template Injection All For One
#94 opened May 21, 2020 by porcupineyhairs
Java: Add SSRF query for Java All For One
#84 opened May 13, 2020 by porcupineyhairs
3
CodeQL query to find if an Django application is vulnerable to CSRF All For One
#70 opened Apr 20, 2020 by Dhayalanb 1 of 1
Divide and conquer broken for large values, due to overflow (CWE-190) All For One
#39 opened Feb 13, 2020 by intrigus-lgtm 1 of 1
1
Java: PRNG used when CSPRNG is required All For One
#30 opened Jan 24, 2020 by JLLeitschuh 1 of 1
ProTip! Follow long discussions with comments:>50.
You can’t perform that action at this time.