Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

19 Open 234 Closed
19 Open 234 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
[Java]: JOOQ SQL Injection via @PlainSQL annotated methods All For One
#539 opened Feb 14, 2022 by JLLeitschuh
1 of 2 tasks
2
[python]: Zip Slip Vulnerability All For One
#538 opened Feb 14, 2022 by ahmed532009
1 of 2 tasks
1
[Java]: Timing attacks while comparing the headers value All For One
#531 opened Feb 6, 2022 by ahmed532009
1 of 2 tasks
3
[Java]: CWE-073 - File path injection with the JFinal framework All For One
#527 opened Jan 23, 2022 by luchua-bc
1 of 2 tasks
6
[Java]: <a QL script to find PendingIntent Vulners for Android> All For One
#512 opened Dec 22, 2021 by zzhichen
1 of 2 tasks
8
Python: CWE-338 insecureRandomness All For One
#510 opened Dec 17, 2021 by museljh
1 of 2 tasks
4
CPP: Add query for CWE-266 Incorrect Privilege Assignment All For One
#484 opened Nov 16, 2021 by ihsinme
1 task done
4
[Go]: Add support of github.com/jackc/pgx and related packages All For One
#481 opened Nov 15, 2021 by japroc
3
PYTHON: CWE-079 - Add query for email injection All For One
#476 opened Nov 14, 2021 by mrthankyou
1 task done
CPP: Add query for CWE-377 Insecure Temporary File All For One
#475 opened Nov 10, 2021 by ihsinme
1 task done
2
CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory All For One
#466 opened Nov 3, 2021 by ihsinme
1 task done
1
[codeql-go]dependencies skipped while creating a database
#448 opened Oct 11, 2021 by hshenCode
New experimental query: Java BigDecimal DOS All For One
#435 opened Sep 22, 2021 by tonghuaroot
1 task done
6
Additional hardcoded credentials candidates 3rd-party api calls All For One
#432 opened Sep 20, 2021 by bananabr
1 task done
9
[Python]: CWE-611: XXE All For One
#424 opened Aug 25, 2021 by jorgectf
1 task done
11
Java : Add query to detect Server Side Template Injection (SSTI) All For One
#410 opened Jul 21, 2021 by porcupineyhairs
6
[C#] CWE-759: Query to detect password hash without a salt All For One
#233 opened Jan 13, 2021 by luchua-bc
1 task done
22
[Java] CWE-117: CodeQL query to detect Log Injection
#144 opened Jul 2, 2020 by dellalibera
1 task done
6
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data
#136 opened Jun 24, 2020 by intrigus-lgtm
1 task done
2
ProTip! Add no:assignee to see everything that’s not assigned.