-
Static code scan issues found in file:
https://github.com/zephyrproject-rtos/zephyr/tree/b1def7145fd/subsys/bluetooth/host/conn.c
Category: Possible Control flow issues
Function: `can_initiate_feat…
-
Hello Team,
I was curious about the `cwe` field in the aquasec scans as well as AWS security hub scans. The field with name `cwe_info` is further in the chain getting transformed into cwe which is s…
-
Checkmarx reported vulnerability with one of the dependent libraries (braces@3.0.2).
### Category
CWE-400 | Uncontrolled resource consumption
### Description
`The NPM package "braces" fails to…
-
**Description of the issue**
### >
CodeQL command-line toolchain release 2.14.6.
### >
(a-1) Cloning codeql 'main' branch
`git clone https://github.com/github/codeql.git codeql-main-cl…
-
openvas Version 23.2.1
faraday community edition: 5.5.0
Running the community docker
I am failing to import reports from openvas using the option to export reports from openvas community edition as …
-
I'm working on a [vulnerability detection benchmark](https://github.com/timothee-chauvin/eyeballvul) using OSV as the main data source. Having as many CWE root causes as possible would be useful for t…
-
GitHub is adding the ability to handle security reports and fixes privately in their UI. Instead of creating an issue, the reporter creates a security advisory, and then GitHub allows discussing and h…
-
https://github.com/getsentry/sentry-cocoa/blob/main/Sources/Sentry/SentrySessionReplaySyncC.c#L24
Veracode Flaw info:
> Attack Vector: malloc
>
> Number of Modules Affected: 1
>
> Description: The r…
-
I was able to play CWE V8.1 (Chao World Extended, created by DarkyBenji and the rest of them) just fine on SA2 a while ago, but when I went to go play it today when I loaded the ModLoader, it download…