Issues
- 1
- 2
Python: Pycurl SSL Disabled
#835 opened by porcupineyhairs - 6
[Python]: Unicode DoS Bug Slaying
#824 opened by Sim4n6 - 9
[Python]: Unicode DoS
#813 opened by Sim4n6 - 1
Go: CORS Bypass due to incorrect checks
#834 opened by porcupineyhairs - 6
CPP: Disabled SSL certificate verification
#836 opened by porcupineyhairs - 9
Python: CORS Bypass
#833 opened by porcupineyhairs - 4
[C/C++]: DOS through Decompression
#779 opened by am0o0 - 5
[Java]: JWT decoding without verification
#783 opened by am0o0 - 1
[wall-of-fame]: Finding Gadgets for CPU Side-Channels
#817 opened by xcorail - 12
- 9
Another rule for NULL dereference
#826 opened by catenacyber - 6
[Java]: additional path injection sinks
#831 opened by am0o0 - 5
[Java]: DOS through Decompression
#774 opened by am0o0 - 2
- 11
Python : Arbitrary code execution due to Js2Py
#832 opened by porcupineyhairs - 12
[JS]: Overly Permissive CORS Query
#793 opened by maikypedia - 2
Test bug
#842 opened by mrrajputhacker - 7
Python: WTForms Denial of Service
#822 opened by porcupineyhairs - 2
[Kotlin]: Add support for Ktor framework
#805 opened by am0o0 - 5
[C#]: DOS through Decompression
#778 opened by am0o0 - 12
Python: New code/command execution sinks
#818 opened by am0o0 - 14
[JS]: Decoding JWT without any signature Verification
#784 opened by am0o0 - 7
[JS]: Env Injection
#807 opened by am0o0 - 13
CPP: Windows leaked handles
#827 opened by bananabr - 13
[Ruby]: DOS through Decompression
#776 opened by am0o0 - 7
- 6
[JS]: DOS through Decompression
#775 opened by am0o0 - 8
- 11
- 17
[Go]: DOS through Decompression
#773 opened by am0o0 - 9
[Go]: Query To Detect Denial Of Service Vulnerability
#809 opened by Malayke - 6
[Python]: DOS through Decompression
#777 opened by am0o0 - 7
[Swift]: Unsafe Unpacking Query
#802 opened by maikypedia - 7
[Ruby]: Insecure Randomness Query
#795 opened by maikypedia - 9
[Go]: fasthttp model for XSS, SSRF, open redirect
#786 opened by am0o0 - 4
Python: Add Code Injection Sinks for Pandas
#814 opened by R3x - 5
[Golang]: SSTI Method Confusion
#812 opened by aydinnyunus - 5
[JS]: Regex Global Flag in Test Function
#810 opened by aydinnyunus - 5
[Ruby]: JWT Security Queries
#781 opened by maikypedia - 14
Java: Insecure Loading of Class in Android App without Package Signature Checking
#800 opened by masterofnow - 3
[JS]: Web Cache Deception
#811 opened by aydinnyunus - 6
- 1
[wall-of-fame]: Finding Insecure TrustManagers and Disabled Hostname Verification with CodeQL
#804 opened by intrigus-lgtm - 10
Web Cache Deception CodeQL
#801 opened by aydinnyunus - 7
[Python]: New FileSystem Access sinks
#791 opened by am0o0 - 18
[JS]: added sqlite and TypeORM SQLI Sinks
#790 opened by am0o0 - 9
- 11
[Go]: New File System Access Sinks
#782 opened by am0o0 - 5
[Python]: Add unsafe deserialization sinks
#772 opened by maikypedia