The Wayback Machine - https://web.archive.org/web/20201217160236/https://github.com/github/securitylab/issues
Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

19 Open 75 Closed
19 Open 75 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
[Java] CWE-327: Add more broken crypto algorithms All For One
#216 opened Dec 16, 2020 by luchua-bc 1 of 1
1
[Java] CWE-555: Query to detect password in Java EE configuration files All For One
#214 opened Dec 12, 2020 by luchua-bc 1 of 1
1
CPP: CWE-191 into experimental this reveals a dangerous comparison All For One
#208 opened Nov 30, 2020 by ihsinme 1 of 1
7
[Java] CWE-312: Query to detect cleartext storage of sensitive information using Android SharedPreferences All For One
#205 opened Nov 16, 2020 by luchua-bc 1 of 1
Java : Add query to detect Apache Structs enabled Development mode All For One
#202 opened Nov 9, 2020 by porcupineyhairs
2
Java : Add a query to detect Spring View Manipulation Vulnerability All For One
#201 opened Nov 9, 2020 by porcupineyhairs
6
[Java] CWE-755: Query to detect Local Android DoS caused by NFE All For One
#199 opened Nov 5, 2020 by luchua-bc 1 of 1
4
3,880 Pull Requests Generated to fix JHipster RNG Vulnerability CVE-2019-16303 The Bug Slayer
#191 opened Oct 13, 2020 by JLLeitschuh 1 of 1
3
Server Side Template Injection lead to RCE ASP.NET RazorEngine All For One
#182 opened Sep 22, 2020 by cldrn 0 of 1
1
Java: QL Query Detector for JHipster Generated CVE-2019-16303 All For One
#180 opened Sep 21, 2020 by JLLeitschuh 1 of 1
2
[Java] CWE-117: CodeQL query to detect Log Injection All For One
#144 opened Jul 2, 2020 by dellalibera 1 of 1
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data The Bug Slayer
#137 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
3
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data All For One
#136 opened Jun 24, 2020 by intrigus-lgtm 1 of 1
[Java] CWE-295 - Incorrect Hostname Verification - MitM The Bug Slayer
#108 opened May 27, 2020 by intrigus-lgtm 1 of 1
6
Java : Add query to detect Server Side Template Injection All For One
#94 opened May 21, 2020 by porcupineyhairs
Java: Add SSRF query for Java All For One
#84 opened May 13, 2020 by porcupineyhairs
4
CodeQL query to find if an Django application is vulnerable to CSRF All For One
#70 opened Apr 20, 2020 by Dhayalanb 1 of 1
Divide and conquer broken for large values, due to overflow (CWE-190) All For One
#39 opened Feb 13, 2020 by intrigus-lgtm 1 of 1
1
Java: PRNG used when CSPRNG is required All For One
#30 opened Jan 24, 2020 by JLLeitschuh 1 of 1
ProTip! What’s not been updated in a month: updated:<2020-11-17.
You can’t perform that action at this time.