Lucene search
K

1089 matches found

Hacker One
Hacker One
added 2020/06/04 8:41 p.m.214 views

GitHub Security Lab: CodeQL query to detect open Spring Boot actuator endpoints

This bug was reported directly to GitHub Security Lab...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2020/06/04 8:41 p.m.169 views

GitHub Security Lab: gagliardetto: Query to detect incorrect conversion between numeric types

This bug was reported directly to GitHub Security Lab...

2.9AI score
Exploits0
Hacker One
Hacker One
added 2020/06/01 5:32 p.m.14 views

GitHub Security Lab: Add check for disabled HTTPOnly setting in Tomcat

This bug was reported directly to GitHub Security Lab...

7AI score
Exploits0
Hacker One
Hacker One
added 2020/05/29 5:51 p.m.170 views

GitHub Security Lab: Java: CWE-532 sensitive info logging

This bug was reported directly to GitHub Security Lab...

0.9AI score
Exploits0
Hacker One
Hacker One
added 2020/05/18 5:25 p.m.45 views

Kubernetes: Internal IP addresses range and AWS cluster region leaked in a Github repository

Report Submission Form Summary: I was exploring the GitHub repository and found some internal IP address and its cluster region related to AWS cluster. So i decided to report it to you. Please have a look and let me know. Steps To Reproduce: VISIT THIS LINK : Repository - kubernetes / kubernetes...

0.2AI score
Exploits0
Hacker One
Hacker One
added 2020/05/12 4:30 p.m.32 views

GitHub Security Lab: CodeQL query to detect SSRF in Python

This bug was reported directly to GitHub Security Lab...

1.2AI score
Exploits0
Hacker One
Hacker One
added 2020/04/20 6:29 p.m.107 views

GitHub Security Lab: Initial websocket support for Javascript (SockJS)

This bug was reported directly to GitHub Security Lab...

1.2AI score
Exploits0
Hacker One
Hacker One
added 2020/04/17 4:0 p.m.86 views

GitHub Security Lab: Go/CWE-643: XPath Injection Query in Go

This bug was reported directly to GitHub Security Lab...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2020/04/09 9:57 p.m.245 views

GitHub Security Lab: CPP: Out of order Linux permission dropping without checking return codes

This bug was reported directly to GitHub Security Lab...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2020/03/19 9:56 p.m.127 views

GitHub Security Lab: CWE-094 ScriptEngine in java

This bug was reported directly to GitHub Security Lab...

0.7AI score
Exploits0
Hacker One
Hacker One
added 2020/03/19 9:55 p.m.238 views

GitHub Security Lab: XPath Injection query in java

This bug was reported directly to GitHub Security Lab...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2020/02/28 10:31 p.m.81 views

GitHub Security Lab: Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts

This bug was reported directly to GitHub Security Lab...

1.7AI score
Exploits0
Hacker One
Hacker One
added 2020/02/20 8:14 p.m.117 views

GitHub Security Lab: CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java

This bug was reported directly to GitHub Security Lab...

1.7AI score
Exploits0
Hacker One
Hacker One
added 2020/02/07 8:54 p.m.31 views

GitHub Security Lab: Dynamic reflection class

This bug was reported directly to GitHub Security Lab...

1.2AI score
Exploits0
Hacker One
Hacker One
added 2020/01/31 10:26 p.m.133 views

GitHub Security Lab: CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java

This bug was reported directly to GitHub Security Lab...

1.7AI score
Exploits0
OSV
OSV
added 2020/01/31 6:15 p.m.12 views

CVE-2020-5234

MessagePack for C and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...

6.5CVSS6.5AI score
Exploits0References4
NVD
NVD
added 2020/01/31 6:15 p.m.9 views

CVE-2020-5234

MessagePack for C and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...

6.8CVSS5.3AI score0.01578EPSS
Exploits0References4
CVE
CVE
added 2020/01/31 5:50 p.m.122 views

CVE-2020-5234

CVE-2020-5234 affects MessagePack for C# and Unity before version 1.9.11 and 2.1.90, where deserializing untrusted data can cause a DoS via hash collisions or stack overflow. The issue is documented across multiple sources (NVD, GitHub advisory GHSA-7Q36-4XX7-XCXF, Red Hat/RH entries, OSV) and is...

6.8CVSS5.6AI score0.01578EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/01/31 5:50 p.m.15 views

CVE-2020-5234 Untrusted data can lead to DoS attack in MessagePack for C# and Unity

MessagePack for C and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...

4.8CVSS6.4AI score0.01578EPSS
Exploits0References4
Hacker One
Hacker One
added 2020/01/28 10:21 p.m.91 views

GitHub Security Lab: CodeQL query for finding CSRF vulnerabilities in Spring applications

This bug was reported directly to GitHub Security Lab...

2AI score
Exploits0
Rows per page
Query Builder