1083 matches found
GitHub Security Lab: Initial websocket support for Javascript (SockJS)
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Go/CWE-643: XPath Injection Query in Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CPP: Out of order Linux permission dropping without checking return codes
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CWE-094 ScriptEngine in java
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: XPath Injection query in java
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Dynamic reflection class
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java
This bug was reported directly to GitHub Security Lab...
CVE-2020-5234
MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...
CVE-2020-5234
CVE-2020-5234 affects MessagePack for C# and Unity before version 1.9.11 and 2.1.90, where deserializing untrusted data can cause a DoS via hash collisions or stack overflow. The issue is documented across multiple sources (NVD, GitHub advisory GHSA-7Q36-4XX7-XCXF, Red Hat/RH entries, OSV) and is...
CVE-2020-5234 Untrusted data can lead to DoS attack in MessagePack for C# and Unity
MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...
GitHub Security Lab: CodeQL query for finding CSRF vulnerabilities in Spring applications
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java (Maven): Use of insecure protocol to download/upload artifacts
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Netty HTTP Response Splitting (CRLF Injection) due to disabled header validation
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect insecure MaxLengthRequest values in ASP.NET applications
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect pages with validationRequest disabled
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET
This bug was reported directly to GitHub Security Lab...