Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

33 Open 90 Closed
33 Open 90 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
[Java] CWE-489: Query to detect main() method in Java EE applications All For One
#267 opened Feb 5, 2021 by luchua-bc 1 of 1
Java : Add query for detecting Log Injection vulenrabilities All For One
#265 opened Feb 4, 2021 by porcupineyhairs
[JavaScript]: add query for Express-HBS LFR All For One
#264 opened Feb 4, 2021 by CaptainFreak 1 of 1
Java : Add a query to detect Spring View Manipulation Vulnerability (Implicit) All For One
#263 opened Feb 1, 2021 by porcupineyhairs
1
ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors. All For One
#258 opened Jan 29, 2021 by ihsinme 1 of 1
1
ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strlen. All For One
#252 opened Jan 28, 2021 by ihsinme 1 of 1
4
ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat. All For One
#251 opened Jan 28, 2021 by ihsinme 1 of 1
2
[golang] Division by zero query All For One
#250 opened Jan 27, 2021 by monkey-junkie 1 of 1
1
Java: Query for detecting JEXL injections All For One
#249 opened Jan 25, 2021 by artem-smotrakov
4
Java: CWE-346 Queries to detect remote source flow to CORS Headers All For One
#248 opened Jan 24, 2021 by torque59
1
Java: Fix NashornScriptEngine detection in ScriptEngine query All For One
#247 opened Jan 24, 2021 by p0wn4j 0 of 1
Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') All For One
#241 opened Jan 21, 2021 by haby0
1
[C#] CWE-759: Query to detect password hash without a salt All For One
#233 opened Jan 13, 2021 by luchua-bc 1 of 1
1
porcupiney.hairs : Java/Android - Insecure Loading of a Dex File All For One
#232 opened Jan 12, 2021 by porcupineyhairs
2
[Java] CWE-295: Disabled certificate validation in JXBrowser All For One
#231 opened Jan 12, 2021 by intrigus-lgtm 1 of 1
3
porcupiney.hairs : Android - Insecure Context Creation All For One
#230 opened Jan 11, 2021 by porcupineyhairs
12
[Java] CWE-759: Query to detect password hash without a salt All For One
#227 opened Jan 6, 2021 by luchua-bc 1 of 1
1
[Java] CWE-598: Use of GET Request Method with Sensitive Query Strings All For One
#223 opened Dec 26, 2020 by luchua-bc 1 of 1
3
[Java]: CWE 295 - Insecure TrustManager - MiTM All For One
#222 opened Dec 24, 2020 by intrigus-lgtm 1 of 1
12
[Java]: CWE 295 - Insecure TrustManager - MiTM The Bug Slayer
#221 opened Dec 24, 2020 by intrigus-lgtm 1 of 1
6
[Java] CWE-327: Add more broken crypto algorithms All For One
#216 opened Dec 16, 2020 by luchua-bc 1 of 1
2
[Java] CWE-312: Query to detect cleartext storage of sensitive information using Android SharedPreferences All For One
#205 opened Nov 16, 2020 by luchua-bc 1 of 1
1
Java : Add query to detect Apache Structs enabled Development mode All For One
#202 opened Nov 9, 2020 by porcupineyhairs
2
Java : Add a query to detect Spring View Manipulation Vulnerability All For One
#201 opened Nov 9, 2020 by porcupineyhairs
7
Server Side Template Injection lead to RCE ASP.NET RazorEngine All For One
#182 opened Sep 22, 2020 by cldrn 0 of 1
1
ProTip! What’s not been updated in a month: updated:<2021-01-06.