1083 matches found

Hacker One
added 2020/04/20 6:29 p.m. | 107 views

GitHub Security Lab: Initial websocket support for Javascript (SockJS)

This bug was reported directly to GitHub Security Lab...

AI score: 1.2 | Exploits: 0

Hacker One
added 2020/04/17 4:00 p.m. | 86 views

GitHub Security Lab: Go/CWE-643: XPath Injection Query in Go

This bug was reported directly to GitHub Security Lab...

AI score: 1.4 | Exploits: 0

Hacker One
added 2020/04/09 9:57 p.m. | 245 views

GitHub Security Lab: CPP: Out of order Linux permission dropping without checking return codes

This bug was reported directly to GitHub Security Lab...

AI score: 1.4 | Exploits: 0

Hacker One
added 2020/03/19 9:56 p.m. | 127 views

GitHub Security Lab: CWE-094 ScriptEngine in java

This bug was reported directly to GitHub Security Lab...

AI score: 0.7 | Exploits: 0

Hacker One
added 2020/03/19 9:55 p.m. | 238 views

GitHub Security Lab: XPath Injection query in java

This bug was reported directly to GitHub Security Lab...

AI score: 1.4 | Exploits: 0

Hacker One
added 2020/02/28 10:31 p.m. | 81 views

GitHub Security Lab: Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts

This bug was reported directly to GitHub Security Lab...

AI score: 1.7 | Exploits: 0

Hacker One
added 2020/02/20 8:14 p.m. | 117 views

GitHub Security Lab: CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java

This bug was reported directly to GitHub Security Lab...

AI score: 1.7 | Exploits: 0

Hacker One
added 2020/02/07 8:54 p.m. | 31 views

GitHub Security Lab: Dynamic reflection class

This bug was reported directly to GitHub Security Lab...

AI score: 1.2 | Exploits: 0

Hacker One
added 2020/01/31 10:26 p.m. | 133 views

GitHub Security Lab: CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java

This bug was reported directly to GitHub Security Lab...

AI score: 1.7 | Exploits: 0

OSV
added 2020/01/31 6:15 p.m. | 12 views

CVE-2020-5234

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...

CVSS: 6.5 | AI score: 6.5 | Exploits: 0 | References: 4

NVD
added 2020/01/31 6:15 p.m. | 9 views

CVE-2020-5234

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...

CVSS: 6.8 | AI score: 5.3 | EPSS: 0.01578 | Exploits: 0 | References: 4

CVE
added 2020/01/31 5:50 p.m. | 122 views

CVE-2020-5234

CVE-2020-5234 affects MessagePack for C# and Unity before version 1.9.11 and 2.1.90, where deserializing untrusted data can cause a DoS via hash collisions or stack overflow. The issue is documented across multiple sources (NVD, GitHub advisory GHSA-7Q36-4XX7-XCXF, Red Hat/RH entries, OSV) and is...

CVSS: 6.8 | AI score: 5.6 | EPSS: 0.01578 | Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2020/01/31 5:50 p.m. | 15 views

CVE-2020-5234 Untrusted data can lead to DoS attack in MessagePack for C# and Unity

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...

CVSS: 4.8 | AI score: 6.4 | EPSS: 0.01578 | Exploits: 0 | References: 4

Hacker One
added 2020/01/28 10:21 p.m. | 91 views

GitHub Security Lab: CodeQL query for finding CSRF vulnerabilities in Spring applications

This bug was reported directly to GitHub Security Lab...

AI score: 2 | Exploits: 0

Hacker One
added 2020/01/23 9:58 p.m. | 89 views

GitHub Security Lab: CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload

This bug was reported directly to GitHub Security Lab...

AI score: 1.2 | Exploits: 0

Hacker One
added 2020/01/02 8:18 p.m. | 36 views

GitHub Security Lab: Java (Maven): Use of insecure protocol to download/upload artifacts

This bug was reported directly to GitHub Security Lab...

AI score: 1.5 | Exploits: 0

Hacker One
added 2019/12/18 7:15 p.m. | 35 views

GitHub Security Lab: Netty HTTP Response Splitting (CRLF Injection) due to disabled header validation

This bug was reported directly to GitHub Security Lab...

AI score: 7 | Exploits: 0

Hacker One
added 2019/12/18 7:13 p.m. | 21 views

GitHub Security Lab: CodeQL query to detect insecure MaxLengthRequest values in ASP.NET applications

This bug was reported directly to GitHub Security Lab...

AI score: 1.4 | Exploits: 0

Hacker One
added 2019/12/18 7:12 p.m. | 18 views

GitHub Security Lab: CodeQL query to detect pages with validationRequest disabled

This bug was reported directly to GitHub Security Lab...

AI score: 1.3 | Exploits: 0

Hacker One
added 2019/12/18 7:08 p.m. | 14 views

GitHub Security Lab: Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET

This bug was reported directly to GitHub Security Lab...

AI score: 1.3 | Exploits: 0