[Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks
All For One
#312
opened Mar 14, 2021 by
p0wn4j
0 of 1
[Java] CWE-016: Query to detect insecure configuration of Spring Boot Actuator
All For One
#310
opened Mar 11, 2021 by
luchua-bc
1 of 1
ihsinme: CPP add query for: CPP Add query for CWE-20 Improper Input Validation
All For One
#308
opened Mar 10, 2021 by
ihsinme
1 of 1
[codeql-go]: Add CWE-79: HTML template escaping passthrough
All For One
#306
opened Mar 9, 2021 by
gagliardetto
1 of 1
[Java] CWE-1004: Query to check sensitive cookies without the HttpOnly flag set
All For One
#292
opened Mar 1, 2021 by
luchua-bc
1 of 1
Java: Query for detecting unsafe deserialization with Spring exporters
All For One
#289
opened Feb 27, 2021 by
artem-smotrakov
1 of 1
[Java/Maven]: Detect use of deprecated JCenter/Bintray Repository
All For One
#287
opened Feb 25, 2021 by
JLLeitschuh
1 of 1
[Java] CWE-297: Insecure LDAP endpoint configuration
All For One
#272
opened Feb 15, 2021 by
luchua-bc
1 of 1
Java : Add query for detecting Log Injection vulnerabilities
All For One
#265
opened Feb 4, 2021 by
porcupineyhairs
ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors.
All For One
#258
opened Jan 29, 2021 by
ihsinme
1 of 1
Java: CWE-346 Queries to detect remote source flow to CORS Headers
All For One
#248
opened Jan 24, 2021 by
torque59
Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')
All For One
#241
opened Jan 21, 2021 by
haby0
[C#] CWE-759: Query to detect password hash without a salt
All For One
#233
opened Jan 13, 2021 by
luchua-bc
1 of 1
porcupiney.hairs : Java/Android - Insecure Loading of a Dex File
All For One
#232
opened Jan 12, 2021 by
porcupineyhairs
[Java] CWE-759: Query to detect password hash without a salt
All For One
#227
opened Jan 6, 2021 by
luchua-bc
1 of 1
[Java]: CWE 295 - Insecure TrustManager - MiTM
All For One
#222
opened Dec 24, 2020 by
intrigus-lgtm
1 of 1
Server Side Template Injection lead to RCE ASP.NET RazorEngine
All For One
#182
opened Sep 22, 2020 by
cldrn
0 of 1
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data
#136
opened Jun 24, 2020 by
intrigus-lgtm
1 of 1
Java : Add query to detect Server Side Template Injection
#94
opened May 21, 2020 by
porcupineyhairs
CodeQL query to find if a Django application is vulnerable to CSRF
All For One
#70
opened Apr 20, 2020 by
Dhayalanb
1 of 1