973 matches found
GitHub Security Lab: Golang : Add Email Content Injection query
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect JNDI injections
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java] CWE-939 - Address improper URL authorization
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CPP: Missing/incomplete TLS server certificate hostname validation
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query to detect open Spring Boot actuator endpoints
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: gagliardetto: Query to detect incorrect conversion between numeric types
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Add check for disabled HTTPOnly setting in Tomcat
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java: CWE-532 sensitive info logging
This bug was reported directly to GitHub Security Lab...
Kubernetes: Internal IP addresses range and AWS cluster region leaked in a GitHub repository
Report Submission Form Summary: I was exploring the GitHub repository and found some internal IP address and its cluster region related to AWS cluster. So I decided to report it to you. Please have a look and let me know. Steps To Reproduce: VISIT THIS LINK: Repository - kubernetes / kubernetes...
GitHub Security Lab: CodeQL query to detect SSRF in Python
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Initial websocket support for Javascript (SockJS)
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Go/CWE-643: XPath Injection Query in Go
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CPP: Out of order Linux permission dropping without checking return codes
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CWE-094 ScriptEngine in java
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: XPath Injection query in java
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: Dynamic reflection class
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java
This bug was reported directly to GitHub Security Lab...
CVE-2020-5234
MessagePack for C and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to a DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps...