Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / github/securitylab issues and pull requests

#905 - Add instructions regards Pixel 7 (panther)

Pull Request - State: open - Opened by 0xfed 5 months ago

#903 - QLpacks update

Pull Request - State: open - Opened by sylwia-budzynska 7 months ago

#899 - Full poc for CVE-2025-53367

Pull Request - State: open - Opened by kevinbackhouse 8 months ago

#897 - Fuzzer-generated poc for DjVuLibre CVE-2025-53367

Pull Request - State: closed - Opened by kevinbackhouse 8 months ago

#896 - PoC for poppler CVE-2025-52886

Pull Request - State: open - Opened by kevinbackhouse 8 months ago

#888 - [wall-of-fame]: <short description>Saqib

Issue - State: open - Opened by Saqibrizwan787 10 months ago
Labels: wall-of-fame

#881 - [wall-of-fame]: <short description>

Issue - State: open - Opened by johnjamesna4122 12 months ago
Labels: wall-of-fame

#875 - Create azure-container-webapp.yml

Pull Request - State: open - Opened by ijunxyz123 about 1 year ago

#874 - [Legend of Modern Times]: <Life and times of a legend>

Issue - State: closed - Opened by ijunxyz123 about 1 year ago
Labels: wall-of-fame

#872 - Delete LICENSE.md

Pull Request - State: closed - Opened by drusama007 about 1 year ago - 3 comments

#872 - Delete LICENSE.md

Pull Request - State: closed - Opened by drusama007 about 1 year ago

#871 - Delete CODE_OF_CONDUCT.md

Pull Request - State: closed - Opened by drusama007 about 1 year ago - 1 comment

#871 - Delete CODE_OF_CONDUCT.md

Pull Request - State: closed - Opened by drusama007 about 1 year ago

#869 - Fuzzing Gstreamer - MP4 generator

Pull Request - State: closed - Opened by antonio-morales about 1 year ago

#854 - Fix some build failures that happen on Ubuntu 24.04

Pull Request - State: closed - Opened by kevinbackhouse over 1 year ago - 2 comments

#854 - Fix some build failures that happen on Ubuntu 24.04

Pull Request - State: open - Opened by kevinbackhouse over 1 year ago

#849 - [wall-of-fame]: Finding SQL Injection in sqlKvStore of LF Edge eKuiper with CodeQL

Issue - State: open - Opened by leonnewton over 1 year ago
Labels: wall-of-fame

#847 - [wall-of-fame]: <short description>Opening of Securities

Issue - State: closed - Opened by slaffyJoe24 over 1 year ago
Labels: wall-of-fame

#845 - Blog material

Pull Request - State: closed - Opened by m-y-mo over 1 year ago

#845 - Blog material

Pull Request - State: closed - Opened by m-y-mo over 1 year ago

#840 - Block material

Pull Request - State: closed - Opened by m-y-mo over 1 year ago

#840 - Block material

Pull Request - State: closed - Opened by m-y-mo over 1 year ago

#839 - Java: Arbitrary user-controlled read/write on user-controlled path

Issue - State: closed - Opened by intrigus-lgtm over 1 year ago - 2 comments
Labels: The Bug Slayer

#838 - C#: Add query for insecure certificate validation

Issue - State: closed - Opened by intrigus-lgtm over 1 year ago - 1 comment
Labels: All For One

#837 - Delete issue templates for bug bounty

Pull Request - State: closed - Opened by xcorail over 1 year ago - 1 comment

#837 - Delete issue templates for bug bounty

Pull Request - State: closed - Opened by xcorail over 1 year ago - 1 comment

#836 - CPP: Disabled SSL certificate verification

Issue - State: closed - Opened by porcupineyhairs over 1 year ago - 6 comments
Labels: All For One

#835 - Python: Pycurl SSL Disabled

Issue - State: closed - Opened by porcupineyhairs over 1 year ago - 2 comments
Labels: All For One

#834 - Go: CORS Bypass due to incorrect checks

Issue - State: closed - Opened by porcupineyhairs over 1 year ago - 1 comment
Labels: All For One

#833 - Python: CORS Bypass

Issue - State: closed - Opened by porcupineyhairs over 1 year ago - 9 comments
Labels: All For One

#832 - Python : Arbitrary code execution due to Js2Py

Issue - State: closed - Opened by porcupineyhairs over 1 year ago - 11 comments
Labels: All For One

#831 - [Java]: additional path injection sinks

Issue - State: closed - Opened by am0o0 almost 2 years ago - 6 comments
Labels: All For One

#830 - Add kafkaui/compose.yml

Pull Request - State: closed - Opened by artsploit almost 2 years ago - 1 comment

#830 - Add kafkaui/compose.yml

Pull Request - State: closed - Opened by artsploit almost 2 years ago - 1 comment

#829 - BB sunset

Pull Request - State: closed - Opened by xcorail almost 2 years ago - 1 comment

#829 - BB sunset

Pull Request - State: closed - Opened by xcorail almost 2 years ago

#827 - CPP: Windows leaked handles

Issue - State: closed - Opened by bananabr almost 2 years ago - 6 comments
Labels: All For One

#826 - Another rule for NULL dereference

Issue - State: closed - Opened by catenacyber almost 2 years ago - 6 comments
Labels: All For One

#824 - [Python]: Unicode DoS Bug Slaying

Issue - State: closed - Opened by Sim4n6 almost 2 years ago - 5 comments
Labels: The Bug Slayer

#822 - Python: WTForms Denial of Service

Issue - State: closed - Opened by porcupineyhairs almost 2 years ago - 6 comments
Labels: All For One

#821 - Update README.md - add CVE ID

Pull Request - State: closed - Opened by attritionorg almost 2 years ago

#821 - Update README.md - add CVE ID

Pull Request - State: closed - Opened by attritionorg almost 2 years ago

#820 - Blog material

Pull Request - State: closed - Opened by m-y-mo almost 2 years ago

#820 - Blog material

Pull Request - State: closed - Opened by m-y-mo almost 2 years ago

#819 - Create Kabaha

Pull Request - State: closed - Opened by Alaxkohen about 2 years ago

#819 - Create Kabaha

Pull Request - State: closed - Opened by Alaxkohen about 2 years ago

#818 - Python: New code/command execution sinks

Issue - State: closed - Opened by am0o0 about 2 years ago - 11 comments
Labels: All For One

#817 - [wall-of-fame]: Finding Gadgets for CPU Side-Channels

Issue - State: closed - Opened by xcorail about 2 years ago - 1 comment
Labels: wall-of-fame

#816 - Javascript/Python: Tokens built from predictable UUIDs

Issue - State: closed - Opened by bananabr about 2 years ago - 3 comments
Labels: All For One

#813 - [Python]: Unicode DoS

Issue - State: closed - Opened by Sim4n6 about 2 years ago - 7 comments
Labels: All For One

#812 - [Golang]: SSTI Method Confusion

Issue - State: closed - Opened by aydinnyunus about 2 years ago - 4 comments
Labels: All For One

#811 - [JS]: Web Cache Deception

Issue - State: closed - Opened by aydinnyunus about 2 years ago - 2 comments
Labels: All For One

#810 - [JS]: Regex Global Flag in Test Function

Issue - State: closed - Opened by aydinnyunus about 2 years ago - 4 comments
Labels: All For One

#809 - [Go]: Query To Detect Denial Of Service Vulnerability

Issue - State: closed - Opened by Malayke about 2 years ago - 8 comments
Labels: All For One

#808 - [Go]: Web Cache Deception - Fiber / GoChi / HTTPRouter

Issue - State: closed - Opened by aydinnyunus about 2 years ago - 6 comments
Labels: All For One

#807 - [JS]: Env Injection

Issue - State: closed - Opened by am0o0 about 2 years ago - 6 comments
Labels: All For One

#804 - [wall-of-fame]: Finding Insecure TrustManagers and Disabled Hostname Verification with CodeQL

Issue - State: closed - Opened by intrigus-lgtm over 2 years ago - 1 comment
Labels: wall-of-fame

#803 - Add `swift` as a language option

Pull Request - State: closed - Opened by jorgectf over 2 years ago - 7 comments

#801 - Web Cache Deception CodeQL

Issue - State: closed - Opened by aydinnyunus over 2 years ago - 10 comments
Labels: All For One

#800 - Java: Insecure Loading of Class in Android App without Package Signature Checking

Issue - State: closed - Opened by masterofnow over 2 years ago - 13 comments
Labels: All For One

#799 - [JS]: Signing and verifying JWT signature with a constant key

Issue - State: closed - Opened by am0o0 over 2 years ago - 12 comments
Labels: All For One

#795 - [Ruby]: Insecure Randomness Query

Issue - State: closed - Opened by maikypedia over 2 years ago - 6 comments
Labels: All For One

#794 - Blog material

Pull Request - State: closed - Opened by m-y-mo over 2 years ago

#793 - [JS]: Overly Permissive CORS Query

Issue - State: closed - Opened by maikypedia over 2 years ago - 12 comments
Labels: All For One

#792 - Files for disclosure of libcue CVE-2023-43641

Pull Request - State: closed - Opened by kevinbackhouse over 2 years ago

#791 - [Python]: New FileSystem Access sinks

Issue - State: closed - Opened by am0o0 over 2 years ago - 7 comments
Labels: All For One

#790 - [JS]: added sqlite and TypeORM SQLI Sinks

Issue - State: closed - Opened by am0o0 over 2 years ago - 18 comments
Labels: All For One

#789 - Blog material

Pull Request - State: closed - Opened by m-y-mo over 2 years ago

#788 - [JS]: New command execution sinks(Execa, shelljs and dynamic import)

Issue - State: closed - Opened by am0o0 over 2 years ago - 10 comments
Labels: All For One

#786 - [Go]: fasthttp model for XSS, SSRF, open redirect

Issue - State: closed - Opened by am0o0 over 2 years ago - 8 comments
Labels: All For One

#784 - [JS]: Decoding JWT without any signature Verification

Issue - State: closed - Opened by am0o0 over 2 years ago - 13 comments
Labels: All For One

#783 - [Java]: JWT decoding without verification

Issue - State: closed - Opened by am0o0 over 2 years ago - 5 comments
Labels: All For One

#782 - [Go]: New File System Access Sinks

Issue - State: closed - Opened by amammad over 2 years ago - 11 comments
Labels: All For One

#781 - [Ruby]: JWT Security Queries

Issue - State: closed - Opened by maikypedia over 2 years ago - 4 comments
Labels: All For One

#780 - Create jekyll-gh-pages.yml

Pull Request - State: closed - Opened by bitcoinfinancier over 2 years ago

#779 - [C/C++]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 4 comments
Labels: All For One

#778 - [C#]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 4 comments
Labels: All For One

#777 - [Python]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 5 comments
Labels: All For One

#776 - [Ruby]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 12 comments
Labels: All For One

#775 - [JS]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 5 comments
Labels: All For One

#774 - [Java]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 5 comments
Labels: All For One

#773 - [Go]: DOS through Decompression

Issue - State: closed - Opened by am0o0 over 2 years ago - 17 comments
Labels: All For One

#772 - [Python]: Add unsafe deserialization sinks

Issue - State: closed - Opened by maikypedia over 2 years ago - 5 comments
Labels: All For One

#771 - [Java]: Add JDBC connection RCE sinks

Issue - State: closed - Opened by pyn3rd over 2 years ago - 3 comments
Labels: All For One

#770 - Fix build error

Pull Request - State: closed - Opened by kevinbackhouse over 2 years ago

#768 - [Python]: Configuration Injection modeling

Issue - State: closed - Opened by Sim4n6 over 2 years ago - 5 comments
Labels: All For One

#767 - JS: Add Node.js File system Promises API

Issue - State: closed - Opened by amammad over 2 years ago - 3 comments
Labels: All For One

#766 - Python: Flask & Django Constant Secret Key initialization

Issue - State: closed - Opened by amammad over 2 years ago - 4 comments
Labels: All For One

#765 - Local command injection for C# console applications

Issue - State: closed - Opened by cldrn over 2 years ago - 3 comments
Labels: All For One

#764 - EmscriptenRunScriptTaint query

Issue - State: closed - Opened by spaceraccoon over 2 years ago - 5 comments
Labels: All For One

#763 - PoC for libssh CVE-2023-2283

Pull Request - State: closed - Opened by kevinbackhouse almost 3 years ago

#762 - [Go]: Add Improper LDAP Authentication query

Issue - State: closed - Opened by maikypedia almost 3 years ago - 13 comments
Labels: All For One

#761 - [Ruby]: Add Improper LDAP Authentication query

Issue - State: closed - Opened by maikypedia almost 3 years ago - 8 comments
Labels: All For One

#760 - Blog material

Pull Request - State: closed - Opened by m-y-mo almost 3 years ago

#758 - [Ruby]: XPath Injection

Issue - State: closed - Opened by maikypedia almost 3 years ago - 11 comments
Labels: All For One

#757 - Go : Add query to detect timing attacks

Issue - State: closed - Opened by porcupineyhairs almost 3 years ago - 21 comments
Labels: All For One

#753 - [CSharp] Add Unicode Bypass Validation query, test and help file

Issue - State: closed - Opened by Sim4n6 almost 3 years ago - 2 comments
Labels: All For One

#752 - [Java] Add Unicode Bypass Validation query, test and help file

Issue - State: closed - Opened by Sim4n6 almost 3 years ago - 16 comments
Labels: All For One

#751 - [Go] Add Unicode Bypass Validation query, test and help file

Issue - State: closed - Opened by Sim4n6 almost 3 years ago - 14 comments
Labels: All For One