Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

25 Open 53 Closed
25 Open 53 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
gagliardetto: Query to find TLS clients supporting insecure versions of the protocol and cipher suites All For One
#157 opened Jul 19, 2020 by gagliardetto 1 of 1
[CATENACYBER]: [CPP] CWE-476 Null Pointer Dereference : Another query to either missing or redundant NULL check All For One
#148 opened Jul 8, 2020 by catenacyber 1 of 1
2
Java: CWE-939 - Address improper URL authorization The Bug Slayer
#147 opened Jul 5, 2020 by luchua-bc 1 of 1
4
[Java] CWE-117: CodeQL query to detect Log Injection All For One
#144 opened Jul 2, 2020 by dellalibera 1 of 1
Java: CWE-600 Uncaught servlet exception All For One
#143 opened Jun 29, 2020 by luchua-bc 1 of 1
Java: Detect remote source from Android intent extra All For One
#140 opened Jun 25, 2020 by luchua-bc 1 of 1
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data The Bug Slayer
#137 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
1
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data All For One
#136 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
[javascript] CWE-347: JWT Missing Secret Or Public Key Verification All For One
#133 opened Jun 20, 2020 by toufik-airane
[javascript] CWE-117: CodeQL query to detect Log Injection All For One
#130 opened Jun 17, 2020 by dellalibera 1 of 1
Java: CWE-798 - Hardcoded AWS credentials All For One
#129 opened Jun 17, 2020 by luchua-bc 1 of 1
Java: CWE-918 - Server Side Request Forgery (SSRF) All For One
#126 opened Jun 15, 2020 by luchua-bc 1 of 1
2
Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks All For One
#124 opened Jun 12, 2020 by luchua-bc 1 of 1
Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc All For One
#119 opened Jun 10, 2020 by haby0
1
[Java] CWE-295 - Incorrect Hostname Verification - MitM The Bug Slayer
#108 opened May 27, 2020 by intrigus-lgtm 1 of 1
3
Golang : Improvements to Golang SSRF query All For One
#97 opened May 21, 2020 by porcupineyhairs
1
Java : add MongoDB injection sinks All For One
#95 opened May 21, 2020 by porcupineyhairs
1
Java : Add query to detect Server Side Template Injection All For One
#94 opened May 21, 2020 by porcupineyhairs
Python : Add query to detect Server Side Template Injection All For One
#93 opened May 21, 2020 by porcupineyhairs
1
Java: Add SSRF query for Java All For One
#84 opened May 13, 2020 by porcupineyhairs
3
[Java] CWE-918: Query for server side request forgery (SSRF) detection All For One
#80 opened May 12, 2020 by random-debug 1 of 1
CodeQL query to detect XSLT injections All For One
#75 opened Apr 27, 2020 by ggolawski 0 of 1
CodeQL query to find if an Django application is vulnerable to CSRF All For One
#70 opened Apr 20, 2020 by Dhayalanb 1 of 1
Divide and conquer broken for large values, due to overflow (CWE-190) All For One
#39 opened Feb 13, 2020 by intrigus-lgtm 1 of 1
Java: PRNG used when CSPRNG is required All For One
#30 opened Jan 24, 2020 by JLLeitschuh 1 of 1
ProTip! Updated in the last three days: updated:>2020-07-17.
You can’t perform that action at this time.