Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

30 Open 112 Closed
30 Open 112 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
[Java] Query for detecting Jakarta Expression Language injections All For One
#324 opened Mar 21, 2021 by artem-smotrakov 1 of 1
[Java] CWE-094: Query to detect Groovy Code Injections All For One
#323 opened Mar 21, 2021 by p0wn4j 0 of 1
[Python] CWE-522: Insecure LDAP Authentication All For One
#321 opened Mar 18, 2021 by jorgectf 1 of 1
1
[Python] CWE-287: LDAP Improper Authentication All For One
#320 opened Mar 18, 2021 by jorgectf 1 of 1
[Python] CWE-090: LDAP Injection All For One
#319 opened Mar 18, 2021 by jorgectf 1 of 1
[Python] CWE-400: Regular Expression Injection All For One
#318 opened Mar 18, 2021 by jorgectf 1 of 1
[Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') All For One
#317 opened Mar 18, 2021 by haby0 1 of 1
[Java] CWE-327: Query to detect insecure cipher suites and protocols in Tomcat server configuration All For One
#316 opened Mar 17, 2021 by luchua-bc 1 of 1
2
[Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks All For One
#312 opened Mar 14, 2021 by p0wn4j 1 of 1
[Java] CWE-016: Query to detect insecure configuration of Spring Boot Actuator All For One
#310 opened Mar 11, 2021 by luchua-bc 1 of 1
3
[codeql-go]: Add CWE-79: HTML template escaping passthrough All For One
#306 opened Mar 9, 2021 by gagliardetto 1 of 1
1
Java: Non-Production interface All For One
#297 opened Mar 8, 2021 by haby0 0 of 1
5
[Java] CWE-1004: Query to check sensitive cookies without the HttpOnly flag set All For One
#292 opened Mar 1, 2021 by luchua-bc 1 of 1
4
Java: Query for detecting unsafe deserialization with Spring exporters All For One
#289 opened Feb 27, 2021 by artem-smotrakov 1 of 1
11
[Java/Maven]: Detect use of deprecated JCenter/Bintray Repository All For One
#287 opened Feb 25, 2021 by JLLeitschuh 1 of 1
3
Java: JSONP Injection All For One
#277 opened Feb 18, 2021 by haby0 1 of 1
6
[Java] CWE-297: Insecure LDAP endpoint configuration All For One
#272 opened Feb 15, 2021 by luchua-bc 1 of 1
2
Java : Add query for detecting Log Injection vulenrabilities All For One
#265 opened Feb 4, 2021 by porcupineyhairs
2
ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors. All For One
#258 opened Jan 29, 2021 by ihsinme 1 of 1
8
Java: CWE-346 Queries to detect remote source flow to CORS Headers All For One
#248 opened Jan 24, 2021 by torque59
5
Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') All For One
#241 opened Jan 21, 2021 by haby0
19
[C#] CWE-759: Query to detect password hash without a salt All For One
#233 opened Jan 13, 2021 by luchua-bc 1 of 1
8
porcupiney.hairs : Java/Android - Insecure Loading of a Dex File All For One
#232 opened Jan 12, 2021 by porcupineyhairs
4
[Java] CWE-759: Query to detect password hash without a salt All For One
#227 opened Jan 6, 2021 by luchua-bc 1 of 1
2
[Java]: CWE 295 - Insecure TrustManager - MiTM All For One
#222 opened Dec 24, 2020 by intrigus-lgtm 1 of 1
12
ProTip! What’s not been updated in a month: updated:<2021-02-21.