973 matches found
GitHub Security Lab: Yet another SSRF query for Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Yet another SSRF query for Javascript
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: C# : Add query to detect Server Side Request Forgery
This bug was reported directly to GitHub Security Lab...
CVE-2021-41188
Shopware is open source e-commerce software. Versions prior to 5.7.6 contain a cross-site scripting vulnerability. This issue is patched in version 5.7.6. Two workarounds are available. Using the security plugin or adding a particular config to the .htaccess file will protect against...
GitHub Security Lab: [cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics
This bug was reported directly to GitHub Security Lab...
GHSA-W44J-66G7-XW99
creationtimestamp | type | source
---|---|---
2021-10-13 02:25:55+00:00 | published-proof-of-concept | https://t.me/cibsecurity/30472...
GitHub Security Lab: [Python]: CWE-117 Log Injection
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-502: Unsafe deserialization with three JSON frameworks
This bug was reported directly to GitHub Security Lab...
CVE-2021-3321
Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions >= 2.4.0 contain Integer Overflow to Buffer Overflow CWE-680. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99...
Insecure random number generation in keypair
Description and Impact: A bug in the pseudo-random number generator used by keypair versions up to and including 1.0.3 could allow for weak RSA key generation. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. We recomme...
GitHub Security Lab: [Python] CWE-348: Client supplied ip used in security check
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-200: Query to detect exposure of sensitive information from android file intent
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Python] CWE-522: Insecure LDAP Authentication
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: New experimental query: Clipboard-based XSS
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: ihsinme: Add query for CWE-758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-079: Query to detect XSS with JavaServer Faces (JSF)
This bug was reported directly to GitHub Security Lab...