GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws
GitHub on Wednesday announced that it's making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort to avoid introducing new security issues. "Powered by GitHub Copilot and CodeQL, code scanning autofi...
GHSA-P4M5-32PR-2HQR PyPop C extensions possible vulnerability: missing arguments and redundant null pointers
Impact Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls missing arguments or wrongly typed arguments and redundant null pointers. Patches The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop...
PT-2024-21329 · Mozilla · Firefox For Ios
Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 123 Description: An issue allows an attacker to execute unauthorized scripts on the current top origin sites in the URL bar when a JavaScript URI is scanned with the QR code scanner. Recommendations: For...
Brave Browser Android Input Validation Error Vulnerability
Brave is a fast, private and secure web browser from Brave USA. A security vulnerability previously existed in Brave Browser Android version 1.52.117, which originated from an open redirection vulnerability that could be triggered when scanning a QR code...
CVE-2019-17003
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed...
Mozilla Firefox Cross-Site Scripting Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from a Javascript execution when scanning a QR code containing a javascript: URL...
CVE-2022-22749
When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content. This bug only affects Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 96...
Exploit for CVE-2022-21449
CVE-2022-21449 Overview This tool allows to perform a qu...
Scanmycode-Ce - Code Scanning/SAST/Static Analysis/Linting Using Many tools/Scanners With One Report - Scanmycode Community Edition (CE)
It is a Code Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to it. Currently, it supports many languages and tech stacks. Similar to SonarQube, but it is different. Fig. 1 Scanmycode concept diagram How is Scanmycode different...
Review your security vulnerabilities in GitHub with code scanning alerts
Today, for GitHub repositories, our SAST analysis provides fast, precise security feedback directly inside your pull requests. You instantly know how many vulnerabilities are detected and, until now, you would systematically go to SonarCloud to start investigating. Not anymore. From this point...
The vulnerability of the Covid-19 contact tracing system’s web app that uses QR code scanning lies in the insufficient protection of operational data, allowing attackers to carry out cross-site attacks.
The vulnerability of the Covid-19 contact tracing system’s web app with QR code scanning lies in the insufficient protection of sensitive data when the username parameter is used on the login page. Exploiting this vulnerability could allow a malicious actor to perform cross-site attacks using a...
Simplify Security with Open Source Code Scanning Tools
Explore how source security tools can help mitigate the risk of utilizing open source libraries, saving development effort by using open source components while ensuring your final product’s security...
COVID-19 Contact Tracing System With QR Code Scanning 1.0 SQL Injection
Exploit Title: Covid-19 Contact Tracing System Web App with QR Code Scanning CTS-QR by: oretnom23 v1.0 remote SQL-Injection-Bypass-Authentication in /ctsqr/classes/Login.php + XSS-Stored PWNED PHPSESSID Vulnerable parameter "code" in application State/Province List. Author: nu11secur1ty Testing a...
Covid-19 Contact Tracing System Web App with QR Code Scanning - SQL-Injection-Bypass-Authentication
The Covid-19 Contact Tracing System Web App with QR Code Scanning is vulnerable in the application /ctsqr/classes/Login.php from SQL-Injection-Bypass-Authentication m0re info: . The parameter username from the login form is not protected correctly and there is no security and escaping from...
COVID-19 Contact Tracing System With QR Code Scanning 1.0 SQL Injection Exploit
COVID-19 Contact Tracing System web app with QR Code Scanning version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Covid-19 Contact Tracing System Web App with QR Code Scanning CTS-QR by: oretnom23 v1.0 remote...
CVE-2021-32638
GitHub's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...