Issues
- 6
- 2
- 3
Python: WTForms Denial of Service
#822 opened by porcupineyhairs - 8
[JS]: Overly Permissive CORS Query
#793 opened by maikypedia - 5
[Python]: Configuration Injection modeling
#768 opened by Sim4n6 - 1
[Java]: DOS through Decompression
#774 opened by am0o0 - 8
[Python]: Unicode DoS
#813 opened by Sim4n6 - 17
[Go]: DOS through Decompression
#773 opened by am0o0 - 7
Python: New code/command execution sinks
#818 opened by am0o0 - 9
[Go]: Query To Detect Denial Of Service Vulnerability
#809 opened by Malayke - 0
[wall-of-fame]: Finding Gadgets for CPU Side-Channels
#817 opened by xcorail - 3
- 6
[Python]: DOS through Decompression
#777 opened by am0o0 - 7
[Swift]: Unsafe Unpacking Query
#802 opened by maikypedia - 0
- 7
[Ruby]: Insecure Randomness Query
#795 opened by maikypedia - 9
[Go]: fasthttp model for XSS, SSRF, open redirect
#786 opened by am0o0 - 2
[JS]: DOS through Decompression
#775 opened by am0o0 - 4
Python: Add Code Injection Sinks for Pandas
#814 opened by R3x - 5
[Golang]: SSTI Method Confusion
#812 opened by aydinnyunus - 5
[JS]: Regex Global Flag in Test Function
#810 opened by aydinnyunus - 5
[Ruby]: JWT Security Queries
#781 opened by maikypedia - 14
Java: Insecure Loading of Class in Android App without Package Signature Checking
#800 opened by masterofnow - 3
[JS]: Web Cache Deception
#811 opened by aydinnyunus - 6
- 1
[wall-of-fame]: Finding Insecure TrustManagers and Disabled Hostname Verification with CodeQL
#804 opened by intrigus-lgtm - 10
Web Cache Deception CodeQL
#801 opened by aydinnyunus - 0
[JS]: Env Injection
#807 opened by am0o0 - 7
[Python]: New FileSystem Access sinks
#791 opened by am0o0 - 18
[JS]: added sqlite and TypeORM SQLI Sinks
#790 opened by am0o0 - 0
[Kotlin]: Add support for Ktor framework
#805 opened by am0o0 - 13
[Go]: Add Improper LDAP Authentication query
#762 opened by maikypedia - 6
[JS]: Decoding JWT without any signature Verification
#784 opened by am0o0 - 2
[Java]: JWT decoding without verification
#783 opened by am0o0 - 10
[Ruby]: DOS through Decompression
#776 opened by am0o0 - 11
[Ruby]: XPath Injection
#758 opened by maikypedia - 9
- 11
[Go]: New File System Access Sinks
#782 opened by am0o0 - 7
- 5
[Python]: Add unsafe deserialization sinks
#772 opened by maikypedia - 8
[Ruby]: Add Improper LDAP Authentication query
#761 opened by maikypedia - 1
[C/C++]: DOS through Decompression
#779 opened by am0o0 - 3
Local command injection for C# console applications
#765 opened by cldrn - 4
- 0
[C#]: DOS through Decompression
#778 opened by am0o0 - 21
Go : Add query to detect timing attacks
#757 opened by porcupineyhairs - 3
JS: Add Node.js File system Promises API
#767 opened by am0o0 - 3
[Java]: Add JDBC connection RCE sinks
#771 opened by pyn3rd - 3
EmscriptenRunScriptTaint query
#764 opened by spaceraccoon - 10
[Python] Unsafe Unpacking and TarSlip bug slaying
#759 opened by Sim4n6