Lucene search
+L

44 matches found

OSV
OSV
added 2023/05/15 12:0 a.m.12 views

CVE-2023-32758

giturlparse aka git-url-parse through 1.2.2, as used in Semgrep 1.5.2 through 1.24.1, is vulnerable to ReDoS Regular Expression Denial of Service if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package for example, to check whether it accesses any Git...

7.5CVSS7AI score0.01033EPSS
Exploits0References7
Prion
Prion
added 2023/04/14 8:15 p.m.21 views

Spoofing

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The spicedb serve command contains a flag named --grpc-preshared-key which is used to protect the gRPC API from being accessed by unauthorized requests. The...

5CVSS7.7AI score0.00762EPSS
Exploits0References3Affected Software1
Kitploit
Kitploit
added 2022/02/17 8:30 p.m.51 views

Njsscan - A Semantic Aware SAST Tool That Can Find Insecure Code Patterns In Your Node.js Applications

njsscan is a static application testing SAST tool that can find insecure code patterns in your node.js applications using simple pattern matcher from libsast and syntax-aware semantic code pattern search tool semgrep. Installation pip install njsscan Requires Python 3.6+ and supports only Mac and...

8AI score
Exploits0References8
Kitploit
Kitploit
added 2021/07/05 9:30 p.m.56 views

Salus - Security Scanner Coordinator

Salus Security Automation as a Lightweight Universal Scanner, named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run Salus on a repository via the Docker daemon and it will determine which scanners are relevant, run them and provide...

7.6AI score
Exploits0References21
Rows per page
Query Builder