The Wayback Machine - https://web.archive.org/web/20201114013058/https://github.com/github/securitylab/issues
Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

20 Open 70 Closed
20 Open 70 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
Java : Add query to detect Apache Structs enabled Development mode All For One
#202 opened Nov 9, 2020 by porcupineyhairs
2
Java : Add a query to detect Spring View Manipulation Vulnerability All For One
#201 opened Nov 9, 2020 by porcupineyhairs
6
[Java] CWE-755: Query to detect Local Android DoS caused by NFE All For One
#199 opened Nov 5, 2020 by luchua-bc 1 of 1
4
3,880 Pull Requests Generated to fix JHipster RNG Vulnerability CVE-2019-16303 The Bug Slayer
#191 opened Oct 13, 2020 by JLLeitschuh 1 of 1
2
codeql-go: Expand Go standard library taint-tracking models to 63 packages, 554 models and 733 tests (from ~13 packages, ~103 models, ~50 tests) All For One
#187 opened Sep 24, 2020 by gagliardetto 1 of 1
7
Server Side Template Injection lead to RCE ASP.NET RazorEngine All For One
#182 opened Sep 22, 2020 by cldrn 0 of 1
1
Java: QL Query Detector for JHipster Generated CVE-2019-16303 All For One
#180 opened Sep 21, 2020 by JLLeitschuh 1 of 1
1
[javascript] CWE-90: CodeQL to detect LDAP Injection All For One
#170 opened Sep 3, 2020 by dellalibera 1 of 1
7
[javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set All For One
#169 opened Aug 29, 2020 by dellalibera 1 of 1
2
[Java] CWE-117: CodeQL query to detect Log Injection All For One
#144 opened Jul 2, 2020 by dellalibera 1 of 1
Java: CWE-600 Uncaught servlet exception All For One
#143 opened Jun 29, 2020 by luchua-bc 1 of 1
7
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data The Bug Slayer
#137 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
3
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data All For One
#136 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc All For One
#119 opened Jun 10, 2020 by haby0
3
[Java] CWE-295 - Incorrect Hostname Verification - MitM The Bug Slayer
#108 opened May 27, 2020 by intrigus-lgtm 1 of 1
5
Java : Add query to detect Server Side Template Injection All For One
#94 opened May 21, 2020 by porcupineyhairs
Java: Add SSRF query for Java All For One
#84 opened May 13, 2020 by porcupineyhairs
3
CodeQL query to find if an Django application is vulnerable to CSRF All For One
#70 opened Apr 20, 2020 by Dhayalanb 1 of 1
Divide and conquer broken for large values, due to overflow (CWE-190) All For One
#39 opened Feb 13, 2020 by intrigus-lgtm 1 of 1
1
Java: PRNG used when CSPRNG is required All For One
#30 opened Jan 24, 2020 by JLLeitschuh 1 of 1
ProTip! Type g i on any issue or pull request to go back to the issue listing page.
You can’t perform that action at this time.