Defects in various languages
https://rules.sonarsource.com
Rules of the game
https://securitylab.github.com/bounties/
HackerOne
https://hackerone.com/github-security-lab

| # | Language | Title |
|---|---|---|
| 1 | c# | C# : Add query to detect Server Side Request Forgery |
| 2 | cpp | [cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics |
| 3 | Python | [Python] CWE-348: Client supplied ip used in security check |
| 4 | javascript | New experimental query: Clipboard-based XSS |
| 5 | Java | [Java] CWE-502: Unsafe deserialization with three JSON frameworks |
| 6 | Java | [Java] CWE-079: Query to detect XSS with JavaServer Faces (JSF) |
| 7 | Java | Java: Unsafe deserialization with Jackson |
| 8 | Python | [Python] CWE-400: Regular Expression Injection |
| 9 | Python | [Python]: CWE-117 Log Injection |
| 10 | Java | [Java] CWE-552: Unsafe url forward |
| 11 | Java | Java: Static initialization vector |
| 12 | Python | [Python] CWE-090: LDAP Injection |
| 13 | Java | [Java] CWE-200: Query to detect exposure of sensitive information from android file intent |
| 14 | Java | [Java]: Add XXE sinks |
| 15 | Java | Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts |
| 16 | cpp | C++: Support Pqxx connector to search for sql injections to Postgres |
| 17 | Java | Java: Fix NashornScriptEngine detection in ScriptEngine query |
| 18 | Java | [Java] CWE-326: Query to detect weak encryption with an insufficient key size |
| 19 | | ihsinme: Add query for CWE-758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior |
| 20 | Java | [Java] JShell Injection |
| 21 | Python | [Python] CWE-522: Insecure LDAP Authentication |
| 22 | Java | Java: Timing attacks while comparing results of cryptographic operations |
| 23 | Java | Java: Query for detecting JEXL injections |
| 24 | Java | [Java] CWE-555: Query to detect password in Java EE configuration files |
| 25 | Java | Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks |
| 26 | Java | Java: Query for detecting unsafe deserialization with Spring exporters |
| 27 | Java | [Java] CWE-094: Query to detect Groovy Code Injections |
| 28 | Java | [Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks |
| 29 | Java | [Java]: CWE 295 - Insecure TrustManager - MiTM |
| 30 | Java | [Java]: CWE-665 Insecure environment during RMI/JMX Server initialisation - All for one bounty |
| 31 | c# | [C#]: HttpOnly and Secure Cookies for .NET Core and .NET |
| 32 | CPP | ihsinme:CPP Add query for CWE-415 Double Free |
| 33 | Java | [Java] CWE-312: Query to detect cleartext storage of sensitive information using Android SharedPreferences |
| 34 | Java | [Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code (‘Unsafe Reflection’) |
| 35 | GO | [GO]: CWE-326: Insufficient key size |
| 36 | Python | Python: Add support of clickhouse-driver package |
| 37 | GO | [GO] CWE-1004: Sensitive cookie without HttpOnly |
| 38 | CPP | ihsinme: CPP Add query for CWE-783 Operator Precedence Logic Error When Use Bool Type |
| 39 | Javascript | Initial websocket support for Javascript (SockJS) |
| 40 | c# | [C#]: Deserialization sinks |
| 41 | go | [go]: Add query for detecting CORS misconfiguration |
| 42 | Java | LDAP injection vulnerability in Java |
| 43 | Java | [Java] BeanShell Injection |
| 44 | Java | [Java]: CWE-502 Add UnsafeDeserialization sinks |
| 45 | Java | Java: CodeQL query for unsafe RMI deserialization |
| 46 | CPP | ihsinme: CPP Add query for CWE-1126: Declaration of Variable with Unnecessarily Wide Scope |
| 47 | JavaScript | [JavaScript]: CWE-1004: Sensitive cookie without HttpOnly |
| 48 | Java | Java/CWE-036: Calling openStream on URLs created from remote source can lead to file disclosure |
| 49 | Java | [Java] CWE-755: Query to detect Local Android DoS caused by NFE |
| 50 | go | [codeql-go]: Add query to find use of constant state parameter in Oauth2 flow |
| 51 | Python | [Python] CWE-287: LDAP Improper Authentication |
| 52 | Python | [Python]: Add SqlAlchemy support for SQL injection query |
| 53 | Java | [Java] CWE-094: Rhino code injection |
| 54 | JAVA | [JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass |
| 55 | Java | [Java]: CWE-730 Regex injection |
| 56 | Java | [Java] CWE-295 - Incorrect Hostname Verification - MitM |
| 57 | Java | [Java]: CWE 295 - Insecure TrustManager - MiTM |
| 58 | Go | Golang : Add Email Content Injection query |
| 59 | Python | Python : Add query to detect Server Side Template Injection |
| 60 | Java | [Java] CWE-598: Use of GET Request Method with Sensitive Query Strings |
| 61 | Java | Java: CWE-600 Uncaught servlet exception |
| 62 | Java | Java: JSONP Injection |
| 63 | Java | [Java] CWE-094: Jython code injection |
| 64 | Java | [Java] CWE-297: Insecure LDAP endpoint configuration |
| 65 | go | [Java] CWE-327: Add more broken crypto algorithms |
| 66 | Java | [Java] CWE-1004: Query to check sensitive cookies without the HttpOnly flag set |
| 67 | Java | CodeQL query to detect JNDI injections |
| 68 | CPP | ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management When Using Bit Operations |
| 69 | Java | [Java] CWE-601: Add Spring URL Redirect ResponseEntity sink |
| 70 | Go | codeql-go: Expand Go standard library taint-tracking models to 63 packages, 554 models and 733 tests (from ~13 packages, ~103 models, ~50 tests) |
| 71 | Java | [Java] CWE-078: Add JSch lib OS Command Injection sink |
| 72 | Java | [Java]: CWE-601 Spring url redirection detect |
| 73 | Java | Java: CWE-652 Improper Neutralization of Data within XQuery Expressions (‘XQuery Injection’) |
| 74 | Java | [Java] Query for detecting Jakarta Expression Language injections |
| 75 | Java | CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java |
| 76 | CPP | ihsinme: CPP add query for: CPP Add query for CWE-20 Improper Input Validation |
| 77 | CPP | ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strlen. |
| 78 | Java | [Java] CWE-759: Query to detect password hash without a salt |
| 79 | Java | porcupiney.hairs : Java/Android - Insecure Loading of a Dex File |
| 80 | Java | [Java] CWE-489: Query to detect main() method in Java EE applications |
| 81 | Python | [Python] CWE-943: Add NoSQL Injection Query |
| 82 | CPP | ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors. |
| 83 | javascript | [javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage |
| 84 | Java | Java: CWE-346 Queries to detect remote source flow to CORS Headers |
| 85 | Java | Java : Add query for detecting Log Injection vulnerabilities |
| 86 | Java | Java : Add query for detecting Log Injection vulnerabilities |
| 87 | Java | Java: Detect remote source from Android intent extra |
| 88 | CPP | CPP: Out of order Linux permission dropping without checking return codes |
| 89 | CPP | CPP: CWE-191 into experimental this reveals a dangerous comparison |
| 90 | Go | Golang : Improvements to Golang SSRF query |
| 91 | Java | Java : CWE-548 - J2EE server directory listing enabled |
| 92 | Java | Java (Maven): Use of insecure protocol to download/upload artifacts |
| 93 | Java | Java: Add SSRF query for Java |
| 94 | javascript | [javascript] CWE-90: CodeQL to detect LDAP Injection |
| 95 | Java | [Java] CWE-348: Use of less trusted source |
| 96 | CPP | ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code |
| 97 | Java | Java: CWE-939 - Address improper URL authorization |
| 98 | java | CodeQL query for SpEL injections |
| 99 | Java | Java: CWE-522 Insecure basic authentication |
| 100 | JavaScript | [JavaScript]: add query for Express-HBS LFR |
| 101 | Java | [Java] CWE-927: Sensitive broadcast |
| 102 | go | Golang : Add MongoDb NoSQL injection sinks |
| 103 | CPP | ihsinme: CPP Add query for CWE-14 compiler removal of code to clear buffers. |
| 104 | Java | Java : Add query to detect Apache Struts enabled Development mode |
| 105 | Java | [Java] CWE-939 - Address improper URL authorization |
| 106 | | gagliardetto: Query to detect incorrect conversion between numeric types |
| 107 | Java | [Java] CWE-522: Insecure LDAP authentication |
| 108 | JavaScript | CodeQL query to detect Server-Side Template Injections (JavaScript) |
| 109 | CPP | ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat. |
| 110 | Java | Java : Add a query to detect Spring View Manipulation Vulnerability |
| 111 | Java | Java: CWE-297 Insecure JavaMail SSL configuration |
| 112 | Java | Java: CWE-273 Unsafe certificate trust |
| 113 | Java | Java: CWE-798 - Hardcoded AWS credentials |
| 114 | Java | [Java]: CWE-523 Insecure HSTS configuration |
| 115 | Java | Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc |
| 116 | | CodeQL query for unsafe TLS versions |
| 117 | java | CodeQL query to detect open Spring Boot actuator endpoints |
| 118 | CPP | ihsinme: CPP Add query for CWE-401 memory leak on unsuccessful call to realloc function |
| 119 | JAVA | [JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass |
| 120 | CPP | CPP: Out of order Linux permission dropping without checking return codes |
| 121 | Java | Java: CWE-532 sensitive info logging |
| 122 | go | [golang] Division by zero query |
| 123 | | Netty HTTP Response Splitting (CRLF Injection) due to disabled header validation |
| 124 | Java | [Java] CWE-295: Disabled certificate validation in JXBrowser |
| 125 | | CodeQL query for MVEL injections |
| 126 | javascript | [javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set |
| 127 | | CodeQL query for disabled revocation checking |
| 128 | javascript | [javascript] CWE-117: CodeQL query to detect Log Injection |
| 129 | | Query to find TLS configurations supporting hardcoded insecure versions of the protocol and cipher suites |
| 130 | | CodeQL query to detect insecure MaxLengthRequest values in ASP.NET applications |
| 131 | go | Java : add MongoDB injection sinks |
| 132 | CPP | CPP: Missing/incomplete TLS server certificate hostname validation |
| 133 | java | XPath Injection query in java |
| 134 | Python | CodeQL query to detect SSRF in Python |
| 135 | java | Add check for disabled HTTPOnly setting in Tomcat |
| 136 | Java | Java: CWE-918 - Server Side Request Forgery (SSRF) |
| 137 | | 3,880 Pull Requests Generated to fix JHipster RNG Vulnerability CVE-2019-16303 |
| 138 | Java | Java: QL Query Detector for JHipster Generated CVE-2019-16303 |
| 139 | java | CodeQL query to detect OGNL injections |
| 140 | go | [codeql-go]: Add CWE-79: HTML template escaping passthrough |
| 141 | Java | CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java |
| 142 | java | Dynamic reflection class |
| 143 | Go | Go/CWE-643: XPath Injection Query in Go |
| 144 | | Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET |
| 145 | | CodeQL query to detect pages with validationRequest disabled |
| 146 | | CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload |
| 147 | | CodeQL query to detect XSLT injections |
| 148 | CPP | [CATENACYBER]: [CPP] CWE-476 Null Pointer Dereference : Another query to either missing or redundant NULL check |
| 149 | | CodeQL query for finding CSRF vulnerabilities in Spring applications |
| 150 | java | CWE-094 ScriptEngine in java |
| 151 | Java | [Java] CWE-295 - Incorrect Hostname Verification - MitM |
