github/securitylab
Resources related to GitHub Security Lab
https://securitylab.github.com
MIT License
1.35k stars
242 forks
issues
Block material
#840
m-y-mo
closed
2 days ago
0
Java: Arbitrary user-controlled read/write on user-controlled path
#839
intrigus-lgtm
opened
4 days ago
1
C#: Add query for insecure certificate validation
#838
intrigus-lgtm
opened
4 days ago
0
Delete issue templates for bug bounty
#837
xcorail
closed
3 days ago
1
CPP: Disabled SSL certificate verification
#836
porcupineyhairs
opened
5 days ago
2
Python: Pycurl SSL Disabled
#835
porcupineyhairs
opened
5 days ago
0
Go: CORS Bypass due to incorrect checks
#834
porcupineyhairs
opened
5 days ago
0
Python: CORS Bypass
#833
porcupineyhairs
opened
5 days ago
2
Python: Arbitrary code execution due to Js2Py
#832
porcupineyhairs
opened
1 week ago
4
[Java]: additional path injection sinks
#831
am0o0
opened
3 weeks ago
4
Add kafkaui/compose.yml
#830
artsploit
closed
3 weeks ago
1
BB sunset
#829
xcorail
closed
3 weeks ago
1
CPP: Windows leaked handles
#827
bananabr
closed
3 weeks ago
13
Another rule for NULL dereference
#826
catenacyber
opened
1 month ago
4
[Python]: Unicode DoS Bug Slaying
#824
Sim4n6
closed
3 weeks ago
6
[Ruby]: Denial of Service due to the use of unconstrained integer/float
#823
Sim4n6
closed
1 month ago
7
Python: WTForms Denial of Service
#822
porcupineyhairs
opened
2 months ago
6
Update README.md - add CVE ID
#821
attritionorg
closed
2 months ago
0
Blog material
#820
m-y-mo
closed
3 months ago
0
Create Kabaha
#819
Alaxkohen
closed
3 months ago
0
Python: New code/command execution sinks
#818
am0o0
closed
4 days ago
12
[wall-of-fame]: Finding Gadgets for CPU Side-Channels
#817
xcorail
opened
4 months ago
0
Javascript/Python: Tokens built from predictable UUIDs
#816
bananabr
closed
1 month ago
8
Python: Add Code Injection Sinks for Pandas
#814
R3x
closed
5 months ago
4
[Python]: Unicode DoS
#813
Sim4n6
closed
3 months ago
8
[Golang]: SSTI Method Confusion
#812
aydinnyunus
closed
5 months ago
5
[JS]: Web Cache Deception
#811
aydinnyunus
closed
5 months ago
3
[JS]: Regex Global Flag in Test Function
#810
aydinnyunus
closed
5 months ago
5
[Go]: Query To Detect Denial Of Service Vulnerability
#809
Malayke
closed
3 months ago
9
[Go]: Web Cache Deception - Fiber / GoChi / HTTPRouter
#808
aydinnyunus
closed
6 months ago
6
[JS]: Env Injection
#807
am0o0
closed
4 days ago
7
[Kotlin]: Add support for Ktor framework
#805
am0o0
closed
15 hours ago
2
[wall-of-fame]: Finding Insecure TrustManagers and Disabled Hostname Verification with CodeQL
#804
intrigus-lgtm
closed
6 months ago
1
Add `swift` as a language option
#803
jorgectf
closed
6 months ago
7
[Swift]: Unsafe Unpacking Query
#802
maikypedia
closed
4 months ago
7
Web Cache Deception CodeQL
#801
aydinnyunus
closed
6 months ago
10
Java: Insecure Loading of Class in Android App without Package Signature Checking
#800
masterofnow
closed
5 months ago
14
[JS]: Signing and verifying JWT signature with a constant key
#799
am0o0
opened
7 months ago
11
Complete PoC for libcue CVE-2023-43641
#796
kevinbackhouse
closed
8 months ago
0
[Ruby]: Insecure Randomness Query
#795
maikypedia
closed
4 months ago
7
Blog material
#794
m-y-mo
closed
8 months ago
0
[JS]: Overly Permissive CORS Query
#793
maikypedia
opened
8 months ago
10
Files for disclosure of libcue CVE-2023-43641
#792
kevinbackhouse
closed
8 months ago
0
[Python]: New FileSystem Access sinks
#791
am0o0
closed
6 months ago
7
[JS]: added sqlite and TypeORM SQLI Sinks
#790
am0o0
closed
6 months ago
18
Blog material
#789
m-y-mo
closed
9 months ago
0
[JS]: New command execution sinks(Execa, shelljs and dynamic import)
#788
am0o0
closed
1 month ago
11
[Go]: fasthttp model for XSS, SSRF, open redirect
#786
am0o0
closed
5 months ago
9
[Go]: Improved JWT query, JWT decoding without verification
#785
am0o0
closed
8 months ago
9
[JS]: Decoding JWT without any signature Verification
#784
am0o0
closed
4 days ago
14