1083 matches found
GitHub Security Lab: [javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-295 - Incorrect Hostname Verification - MitM
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect OGNL injections
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java: CWE-273 Unsafe certificate trust
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query for disabled revocation checking
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Golang : Add MongoDb NoSQL injection sinks
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java : CWE-548 - J2EE server directory listing enabled
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java]: CWE-523 Insecure HSTS configuration
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java: CWE-297 Insecure JavaMail SSL configuration
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query for MVEL injections
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Golang : Add Email Content Injection query
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect JNDI injections
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-939 - Address improper URL authorization
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CPP: Missing/incomplete TLS server certificate hostname validation
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect open Spring Boot actuator endpoints
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: gagliardetto: Query to detect incorrect conversion between numeric types
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Add check for disabled HTTPOnly setting in Tomcat
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java: CWE-532 sensitive info logging
This bug was reported directly to GitHub Security Lab...
Kubernetes: Internal IP addresses range and AWS cluster region leaked in a Github repository
Report Submission Form Summary: I was exploring the GitHub repository and found some internal IP address and its cluster region related to AWS cluster. So i decided to report it to you. Please have a look and let me know. Steps To Reproduce: VISIT THIS LINK : Repository - kubernetes / kubernetes...
GitHub Security Lab: CodeQL query to detect SSRF in Python
This bug was reported directly to GitHub Security Lab...