Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

25 Open 82 Closed
25 Open 82 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
ihsinme: CPP Add query for CWE-14 compiler removal of code to clear buffers. All For One
#237 opened Jan 16, 2021 by ihsinme 1 of 1
2
ihsinme: CPP Add query for CWE-401 memory leak on unsuccessful call to realloc function All For One
#234 opened Jan 13, 2021 by ihsinme 1 of 1
[C#] CWE-759: Query to detect password hash without a salt All For One
#233 opened Jan 13, 2021 by luchua-bc 1 of 1
porcupiney.hairs : Java/Android - Insecure Loading of a Dex File All For One
#232 opened Jan 12, 2021 by porcupineyhairs
1
[Java] CWE-295: Disabled certificate validation in JXBrowser All For One
#231 opened Jan 12, 2021 by intrigus-lgtm 1 of 1
porcupiney.hairs : Android - Insecure Context Creation All For One
#230 opened Jan 11, 2021 by porcupineyhairs
8
[Java] CWE-326: Query to detect weak encryption with an insufficient key size All For One
#229 opened Jan 7, 2021 by luchua-bc 1 of 1
2
[Java] CWE-759: Query to detect password hash without a salt All For One
#227 opened Jan 6, 2021 by luchua-bc 1 of 1
1
[Java] CWE-598: Use of GET Request Method with Sensitive Query Strings All For One
#223 opened Dec 26, 2020 by luchua-bc 1 of 1
1
[Java]: CWE 295 - Insecure TrustManager - MiTM All For One
#222 opened Dec 24, 2020 by intrigus-lgtm 1 of 1
5
[Java]: CWE 295 - Insecure TrustManager - MiTM The Bug Slayer
#221 opened Dec 24, 2020 by intrigus-lgtm 1 of 1
6
[Java] CWE-522: Insecure LDAP authentication All For One
#218 opened Dec 21, 2020 by luchua-bc 1 of 1
2
[Java] CWE-327: Add more broken crypto algorithms All For One
#216 opened Dec 16, 2020 by luchua-bc 1 of 1
2
[Java] CWE-312: Query to detect cleartext storage of sensitive information using Android SharedPreferences All For One
#205 opened Nov 16, 2020 by luchua-bc 1 of 1
1
Java : Add query to detect Apache Structs enabled Development mode All For One
#202 opened Nov 9, 2020 by porcupineyhairs
2
Java : Add a query to detect Spring View Manipulation Vulnerability All For One
#201 opened Nov 9, 2020 by porcupineyhairs
6
Server Side Template Injection lead to RCE ASP.NET RazorEngine All For One
#182 opened Sep 22, 2020 by cldrn 0 of 1
1
[Java] CWE-117: CodeQL query to detect Log Injection
#144 opened Jul 2, 2020 by dellalibera 1 of 1
4
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data The Bug Slayer
#137 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
5
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data
#136 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
2
[Java] CWE-295 - Incorrect Hostname Verification - MitM
#108 opened May 27, 2020 by intrigus-lgtm 1 of 1
12
Java : Add query to detect Server Side Template Injection
#94 opened May 21, 2020 by porcupineyhairs
4
CodeQL query to find if an Django application is vulnerable to CSRF All For One
#70 opened Apr 20, 2020 by Dhayalanb 1 of 1
Divide and conquer broken for large values, due to overflow (CWE-190) All For One
#39 opened Feb 13, 2020 by intrigus-lgtm 1 of 1
1
Java: PRNG used when CSPRNG is required All For One
#30 opened Jan 24, 2020 by JLLeitschuh 1 of 1
ProTip! Updated in the last three days: updated:>2021-01-17.
You can’t perform that action at this time.