Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

25 Open 41 Closed
25 Open 41 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
Java: CWE-749 Unsafe resource loading in Android WebView All For One
#124 opened Jun 12, 2020 by luchua-bc 1 of 1
Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc All For One
#119 opened Jun 10, 2020 by haby0
1
[javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage All For One
#118 opened Jun 8, 2020 by dellalibera 1 of 1
Java : CWE-548 - J2EE server directory listing enabled All For One
#111 opened May 30, 2020 by luchua-bc 1 of 1
2
[Java] CWE-295 - Incorrect Hostname Verification - MitM All For One
#109 opened May 27, 2020 by intrigus-lgtm 1 of 1
[Java] CWE-295 - Incorrect Hostname Verification - MitM The Bug Slayer
#108 opened May 27, 2020 by intrigus-lgtm 1 of 1
Java: CWE-273 Unsafe certificate trust All For One
#102 opened May 24, 2020 by luchua-bc
Golang : Add MongoDb NoSQL injection sinks All For One
#98 opened May 21, 2020 by porcupineyhairs
Golang : Improvements to Golang SSRF query All For One
#97 opened May 21, 2020 by porcupineyhairs
1
Java : add MongoDB injection sinks All For One
#95 opened May 21, 2020 by porcupineyhairs
Java : Add query to detect Server Side Template Injection All For One
#94 opened May 21, 2020 by porcupineyhairs
Python : Add query to detect Server Side Template Injection All For One
#93 opened May 21, 2020 by porcupineyhairs
Python : Add Xpath injection query All For One
#92 opened May 21, 2020 by porcupineyhairs
Python : Add support for detecting XSLT Injection All For One
#91 opened May 21, 2020 by porcupineyhairs
[Java]: CWE-523 Insecure HSTS configuration All For One
#90 opened May 20, 2020 by luchua-bc 0 of 1
CSHARP: Experimental query for tainted WebClient All For One
#89 opened May 20, 2020 by h3ku 1 of 1
Java: Add SSRF query for Java All For One
#84 opened May 13, 2020 by porcupineyhairs
3
[Java] CWE-918: Query for server side request forgery (SSRF) detection All For One
#80 opened May 12, 2020 by random-debug 1 of 1
CodeQL query for disabled revocation checking All For One
#78 opened May 9, 2020 by artem-smotrakov 1 of 1
1
CodeQL query to detect XSLT injections All For One
#75 opened Apr 27, 2020 by ggolawski 0 of 1
CodeQL query to detect Unified EL injections All For One
#71 opened Apr 22, 2020 by ggolawski 0 of 1
CodeQL query to find if an Django application is vulnerable to CSRF All For One
#70 opened Apr 20, 2020 by Dhayalanb 1 of 1
CodeQL query to detect OGNL injections All For One
#69 opened Apr 19, 2020 by ggolawski 0 of 1
Divide and conquer broken for large values, due to overflow (CWE-190) All For One
#39 opened Feb 13, 2020 by intrigus-lgtm 1 of 1
Java: PRNG used when CSPRNG is required All For One
#30 opened Jan 24, 2020 by JLLeitschuh 1 of 1
ProTip! Add no:assignee to see everything that’s not assigned.
You can’t perform that action at this time.