TOPGITHUBSECURITYLAB.md

File metadata and controls

199 lines (198 loc) · 28.1 KB

Top reports from the GitHub Security Lab program at HackerOne:

  1. Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts to GitHub Security Lab - 283 upvotes, $4000
  2. [Python] CWE-400: Regular Expression Injection to GitHub Security Lab - 72 upvotes, $4500
  3. Initial websocket support for Javascript (SockJS) to GitHub Security Lab - 66 upvotes, $1800
  4. Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks to GitHub Security Lab - 59 upvotes, $2300
  5. Java/CWE-036: Calling openStream on URLs created from remote source can lead to file disclosure to GitHub Security Lab - 52 upvotes, $1800
  6. CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java to GitHub Security Lab - 51 upvotes, $3000
  7. [Java] CWE-326: Query to detect weak encryption with an insufficient key size to GitHub Security Lab - 41 upvotes, $4500
  8. [Java] CWE-555: Query to detect password in Java EE configuration files to GitHub Security Lab - 38 upvotes, $1800
  9. Java: Fix NashornScriptEngine detection in ScriptEngine query to GitHub Security Lab - 33 upvotes, $4500
  10. [Python] CWE-090: LDAP Injection to GitHub Security Lab - 33 upvotes, $4500
  11. Java (Maven): Use of insecure protocol to download/upload artifacts to GitHub Security Lab - 33 upvotes, $2300
  12. [Java] CWE-079: Query to detect XSS with JavaServer Faces (JSF) to GitHub Security Lab - 31 upvotes, $1800
  13. LDAP injection vulnerability in Java to GitHub Security Lab - 29 upvotes, $2500
  14. Python : Add query to detect Server Side Template Injection to GitHub Security Lab - 29 upvotes, $2300
  15. CodeQL query to detect JNDI injections to GitHub Security Lab - 28 upvotes, $2300
  16. Java: Unsafe deserialization with Jackson to GitHub Security Lab - 26 upvotes, $4500
  17. [porcupiney.hairs]: [Python] Add Flask Path injection sinks to GitHub Security Lab - 26 upvotes, $2300
  18. CPP: Out of order Linux permission dropping without checking return codes to GitHub Security Lab - 22 upvotes, $1800
  19. Java: Static initialization vector to GitHub Security Lab - 22 upvotes, $1800
  20. Java: Query for detecting JEXL injections to GitHub Security Lab - 20 upvotes, $4500
  21. Golang : Hardcoded secret used for signing JWT to GitHub Security Lab - 18 upvotes, $1800
  22. [Python] CWE-348: Client supplied ip used in security check to GitHub Security Lab - 17 upvotes, $1800
  23. Java: CWE-939 - Address improper URL authorization to GitHub Security Lab - 17 upvotes, $1500
  24. New experimental query: Clipboard-based XSS to GitHub Security Lab - 16 upvotes, $4500
  25. [javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage to GitHub Security Lab - 16 upvotes, $1800
  26. Java: Query for detecting unsafe deserialization with Spring exporters to GitHub Security Lab - 15 upvotes, $4500
  27. [Java] CWE-755: Query to detect Local Android DoS caused by NFE to GitHub Security Lab - 15 upvotes, $1800
  28. C++: Support Pqxx connector to search for sql injections to Postgres to GitHub Security Lab - 14 upvotes, $4500
  29. Netty HTTP Response Splitting (CRLF Injection) due to disabled header validation to GitHub Security Lab - 14 upvotes, $1500
  30. CPP: Out of order Linux permission dropping without checking return codes to GitHub Security Lab - 14 upvotes, $1500
  31. CodeQL query for SpEL injections to GitHub Security Lab - 13 upvotes, $2300
  32. Java : CWE-548 - J2EE server directory listing enabled to GitHub Security Lab - 13 upvotes, $1800
  33. Golang : Improvements to Golang SSRF query to GitHub Security Lab - 12 upvotes, $1800
  34. [Java] JShell Injection to GitHub Security Lab - 12 upvotes, $1800
  35. [Java] CWE-016: Query to detect insecure configuration of Spring Boot Actuator to GitHub Security Lab - 12 upvotes, $500
  36. Golang : Add Email Content Injection query to GitHub Security Lab - 11 upvotes, $2300
  37. [Java] CWE-939 - Address improper URL authorization to GitHub Security Lab - 11 upvotes, $1800
  38. gagliardetto: Query to detect incorrect conversion between numeric types to GitHub Security Lab - 11 upvotes, $1800
  39. Java: An experimental query for ignored hostname verification to GitHub Security Lab - 11 upvotes, $1800
  40. Java: CWE-532 sensitive info logging to GitHub Security Lab - 11 upvotes, $500
  41. [Java] CWE-094: Query to detect Groovy Code Injections to GitHub Security Lab - 10 upvotes, $4500
  42. Java: CWE-600 Uncaught servlet exception to GitHub Security Lab - 10 upvotes, $1800
  43. Golang : Add Query To Detect PAM Authorization Bugs to GitHub Security Lab - 10 upvotes, $1800
  44. Java: CWE-798 - Hardcoded AWS credentials to GitHub Security Lab - 10 upvotes, $1000
  45. [Java]: CWE-625 - Query to detect regex dot bypass to GitHub Security Lab - 10 upvotes, $1000
  46. [Java] CWE-312: Query to detect cleartext storage of sensitive information using Android SharedPreferences to GitHub Security Lab - 9 upvotes, $4500
  47. Java: CWE-522 Insecure basic authentication to GitHub Security Lab - 9 upvotes, $2300
  48. Java: CWE-297 Insecure JavaMail SSL configuration to GitHub Security Lab - 9 upvotes, $1800
  49. [Java] CWE-598: Use of GET Request Method with Sensitive Query Strings to GitHub Security Lab - 9 upvotes, $1800
  50. CodeQL query to detect insecure MaxLengthRequest values in ASP.NET applications to GitHub Security Lab - 9 upvotes, $1000
  51. Java: Regex injection to GitHub Security Lab - 9 upvotes, $1000
  52. PYTHON: CWE-079 - Add query for email injection to GitHub Security Lab - 8 upvotes, $4500
  53. CodeQL query to detect Server-Side Template Injections (JavaScript) to GitHub Security Lab - 8 upvotes, $2300
  54. CodeQL query to detect open Spring Boot actuator endpoints to GitHub Security Lab - 8 upvotes, $1800
  55. [Java] CWE-327: Add more broken crypto algorithms to GitHub Security Lab - 8 upvotes, $1800
  56. [Java]: Flow sources and steps for JMS and RabbitMQ to GitHub Security Lab - 8 upvotes, $1800
  57. CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory to GitHub Security Lab - 8 upvotes, $1000
  58. CodeQL query for unsafe TLS versions to GitHub Security Lab - 7 upvotes, $1800
  59. Java: CWE-273 Unsafe certificate trust to GitHub Security Lab - 7 upvotes, $1800
  60. Java: Detect remote source from Android intent extra to GitHub Security Lab - 7 upvotes, $1800
  61. [Java] CWE-297: Insecure LDAP endpoint configuration to GitHub Security Lab - 7 upvotes, $1800
  62. [Java] CWE-1004: Query to check sensitive cookies without the HttpOnly flag set to GitHub Security Lab - 7 upvotes, $1000
  63. [python]: Zip Slip Vulnerability to GitHub Security Lab - 7 upvotes, $1000
  64. [codeql-go]: Add query to find use of constant state parameter in Oauth2 flow to GitHub Security Lab - 6 upvotes, $4500
  65. [cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics to GitHub Security Lab - 6 upvotes, $4500
  66. porcupiney.hairs : Java/Android - Insecure Loading of a Dex File to GitHub Security Lab - 6 upvotes, $1800
  67. [Java] CWE-094: Rhino code injection to GitHub Security Lab - 6 upvotes, $1800
  68. [GO]: CWE-326: Insufficient key size to GitHub Security Lab - 6 upvotes, $1800
  69. Python: Add support of clickhouse-driver package to GitHub Security Lab - 6 upvotes, $1800
  70. ihsinme:CPP Add query for CWE-415 Double Free to GitHub Security Lab - 6 upvotes, $1800
  71. [Java]: Add XXE sinks to GitHub Security Lab - 6 upvotes, $1800
  72. [Java] CWE-502: Unsafe deserialization with three JSON frameworks to GitHub Security Lab - 6 upvotes, $1800
  73. [GO]: [CWE-090: LDAP Injection All For One] to GitHub Security Lab - 6 upvotes, $1800
  74. ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strlen. to GitHub Security Lab - 6 upvotes, $1000
  75. [Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks to GitHub Security Lab - 6 upvotes, $1000
  76. codeql-go: Expand Go standard library taint-tracking models to 63 packages, 554 models and 733 tests (from ~13 packages, ~103 models, ~50 tests) to GitHub Security Lab - 5 upvotes, $6000
  77. [Java] CWE-927: Sensitive broadcast to GitHub Security Lab - 5 upvotes, $1800
  78. CPP: CWE-191 into experimental this reveals a dangerous comparison to GitHub Security Lab - 5 upvotes, $1800
  79. Golang : Add MongoDb NoSQL injection sinks to GitHub Security Lab - 5 upvotes, $1800
  80. [Java] CWE-489: Query to detect main() method in Java EE applications to GitHub Security Lab - 5 upvotes, $1800
  81. Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') to GitHub Security Lab - 5 upvotes, $1800
  82. ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors. to GitHub Security Lab - 5 upvotes, $1800
  83. Java: JSONP Injection to GitHub Security Lab - 5 upvotes, $1800
  84. ihsinme: CPP Add query for CWE-783 Operator Precedence Logic Error When Use Bool Type to GitHub Security Lab - 5 upvotes, $1800
  85. [Java]: CWE-665 Insecure environment during RMI/JMX Server initialisation - All for one bounty to GitHub Security Lab - 5 upvotes, $1800
  86. C# : Add query to detect Server Side Request Forgery to GitHub Security Lab - 5 upvotes, $1800
  87. Python: CWE-338 insecureRandomness to GitHub Security Lab - 5 upvotes, $1800
  88. [Python]: Add Server-side Request Forgery sinks to GitHub Security Lab - 5 upvotes, $1800
  89. Java : Add query for detecting Log Injection vulnerabilities to GitHub Security Lab - 5 upvotes, $1080
  90. Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET to GitHub Security Lab - 5 upvotes, $1000
  91. CodeQL query to detect pages with validationRequest disabled to GitHub Security Lab - 5 upvotes, $1000
  92. CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java to GitHub Security Lab - 5 upvotes, $1000
  93. ihsinme: CPP Add query for CWE-14 compiler removal of code to clear buffers. to GitHub Security Lab - 5 upvotes, $1000
  94. ihsinme: CPP add query for: CPP Add query for CWE-20 Improper Input Validation to GitHub Security Lab - 5 upvotes, $1000
  95. [Java] CWE-759: Query to detect password hash without a salt to GitHub Security Lab - 5 upvotes, $1000
  96. ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management When Using Bit Operations to GitHub Security Lab - 5 upvotes, $1000
  97. [GO] CWE-1004: Sensitive cookie without HttpOnly to GitHub Security Lab - 5 upvotes, $1000
  98. CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload to GitHub Security Lab - 5 upvotes, $500
  99. Dynamic reflection class to GitHub Security Lab - 5 upvotes, $200
  100. CodeQL query for MVEL injections to GitHub Security Lab - 4 upvotes, $2300
  101. CodeQL query for finding CSRF vulnerabilities in Spring applications to GitHub Security Lab - 4 upvotes, $1800
  102. XPath Injection query in java to GitHub Security Lab - 4 upvotes, $1800
  103. Java: Add SSRF query for Java to GitHub Security Lab - 4 upvotes, $1800
  104. [JavaScript]: add query for Express-HBS LFR to GitHub Security Lab - 4 upvotes, $1800
  105. Java : Add query to detect Apache Struts enabled Development mode to GitHub Security Lab - 4 upvotes, $1800
  106. Java: CWE-346 Queries to detect remote source flow to CORS Headers to GitHub Security Lab - 4 upvotes, $1800
  107. [Java] Query for detecting Jakarta Expression Language injections to GitHub Security Lab - 4 upvotes, $1800
  108. [Java] CWE-094: Jython code injection to GitHub Security Lab - 4 upvotes, $1800
  109. ihsinme: CPP Add query for CWE-1126: Declaration of Variable with Unnecessarily Wide Scope to GitHub Security Lab - 4 upvotes, $1800
  110. [Java] BeanShell Injection to GitHub Security Lab - 4 upvotes, $1800
  111. [Java]: CWE-502 Add UnsafeDeserialization sinks to GitHub Security Lab - 4 upvotes, $1800
  112. Java: CodeQL query for unsafe RMI deserialization to GitHub Security Lab - 4 upvotes, $1800
  113. [Python]: CWE-117 Log Injection to GitHub Security Lab - 4 upvotes, $1800
  114. [Java] CWE-552: Unsafe url forward to GitHub Security Lab - 4 upvotes, $1800
  115. [Python]: CWE-611: XXE to GitHub Security Lab - 4 upvotes, $1800
  116. [Java]: Add JDBC connection SSRF sinks to GitHub Security Lab - 4 upvotes, $1800
  117. Java : Add query to detect Server Side Template Injection (SSTI) to GitHub Security Lab - 4 upvotes, $1800
  118. CPP: Add query for CWE-266 Incorrect Privilege Assignment to GitHub Security Lab - 4 upvotes, $1800
  119. [Java]: CWE-073 - File path injection with the JFinal framework to GitHub Security Lab - 4 upvotes, $1800
  120. [Java]: CWE-552 Add sources and sinks to detect unsafe getResource calls in Java EE applications to GitHub Security Lab - 4 upvotes, $1800
  121. Java : add MongoDB injection sinks to GitHub Security Lab - 4 upvotes, $1000
  122. [JavaScript]: CWE-1004: Sensitive cookie without HttpOnly to GitHub Security Lab - 4 upvotes, $1000
  123. CPP: Add query for CWE-377 Insecure Temporary File to GitHub Security Lab - 4 upvotes, $1000
  124. ihsinme: CPP Add a query to find incorrectly used exceptions. to GitHub Security Lab - 4 upvotes, $1000
  125. Java : Add query for detecting Log Injection vulnerabilities to GitHub Security Lab - 4 upvotes, $720
  126. [Java]: CWE-523 Insecure HSTS configuration to GitHub Security Lab - 4 upvotes, $250
  127. Go/CWE-643: XPath Injection Query in Go to GitHub Security Lab - 4 upvotes, $0
  128. CPP: Missing/incomplete TLS server certificate hostname validation to GitHub Security Lab - 4 upvotes, $0
  129. [Java]: CWE 295 - Insecure TrustManager - MiTM to GitHub Security Lab - 4 upvotes, $0
  130. [javascript] CWE-90: CodeQL to detect LDAP Injection to GitHub Security Lab - 3 upvotes, $4500
  131. Java: Timing attacks while comparing results of cryptographic operations to GitHub Security Lab - 3 upvotes, $4500
  132. CodeQL query for disabled revocation checking to GitHub Security Lab - 3 upvotes, $1800
  133. [javascript] CWE-117: CodeQL query to detect Log Injection to GitHub Security Lab - 3 upvotes, $1800
  134. [Java] CWE-522: Insecure LDAP authentication to GitHub Security Lab - 3 upvotes, $1800
  135. Java : Add a query to detect Spring View Manipulation Vulnerability to GitHub Security Lab - 3 upvotes, $1800
  136. [Java]: CWE-601 Spring url redirection detect to GitHub Security Lab - 3 upvotes, $1800
  137. [Java] CWE-078: Add JSch lib OS Command Injection sink to GitHub Security Lab - 3 upvotes, $1800
  138. [Java]: CWE-730 Regex injection to GitHub Security Lab - 3 upvotes, $1800
  139. [go]: Add query for detecting CORS misconfiguration to GitHub Security Lab - 3 upvotes, $1800
  140. [Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') to GitHub Security Lab - 3 upvotes, $1800
  141. ihsinme: Add query for CWE-758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior to GitHub Security Lab - 3 upvotes, $1800
  142. [Java] CWE-200: Query to detect exposure of sensitive information from android file intent to GitHub Security Lab - 3 upvotes, $1800
  143. [Java]: CWE-200 - Query to detect insecure WebResourceResponse implementation to GitHub Security Lab - 3 upvotes, $1800
  144. [Java]: CWE-321 - Query to detect hardcoded JWT secret keys to GitHub Security Lab - 3 upvotes, $1800
  145. [CPP]: Add query for CWE-297: Improper Validation of Certificate with Host Mismatch to GitHub Security Lab - 3 upvotes, $1800
  146. [JAVA]: Partial Path Traversal to GitHub Security Lab - 3 upvotes, $1800
  147. ihsinme: CPP Add query for CWE-675 Duplicate Operations on Resource to GitHub Security Lab - 3 upvotes, $1000
  148. [Java]: Timing attacks while comparing the headers value to GitHub Security Lab - 3 upvotes, $1000
  149. [CPP]: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation to GitHub Security Lab - 3 upvotes, $500
  150. Yet another SSRF query for Go to GitHub Security Lab - 3 upvotes, $450
  151. Yet another SSRF query for Go to GitHub Security Lab - 3 upvotes, $450
  152. Yet another SSRF query for Go to GitHub Security Lab - 3 upvotes, $450
  153. Yet another SSRF query for Javascript to GitHub Security Lab - 3 upvotes, $250
  154. [JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass to GitHub Security Lab - 3 upvotes, $0
  155. [Java] CWE-295 - Incorrect Hostname Verification - MitM to GitHub Security Lab - 3 upvotes, $0
  156. [Python]: Add SqlAlchemy support for SQL injection query to GitHub Security Lab - 2 upvotes, $4500
  157. CodeQL query to detect OGNL injections to GitHub Security Lab - 2 upvotes, $2300
  158. Query to find TLS configurations supporting hardcoded insecure versions of the protocol and cipher suites to GitHub Security Lab - 2 upvotes, $2300
  159. CWE-094 ScriptEngine in java to GitHub Security Lab - 2 upvotes, $1800
  160. Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc to GitHub Security Lab - 2 upvotes, $1800
  161. ihsinme: CPP Add query for CWE-401 memory leak on unsuccessful call to realloc function to GitHub Security Lab - 2 upvotes, $1800
  162. [golang] Division by zero query to GitHub Security Lab - 2 upvotes, $1800
  163. ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat. to GitHub Security Lab - 2 upvotes, $1800
  164. [Python] CWE-287: LDAP Improper Authentication to GitHub Security Lab - 2 upvotes, $1800
  165. [Python] CWE-943: Add NoSQL Injection Query to GitHub Security Lab - 2 upvotes, $1800
  166. [Python] CWE-522: Insecure LDAP Authentication to GitHub Security Lab - 2 upvotes, $1800
  167. [Java] CWE-552: Query to detect unsafe request dispatcher usage to GitHub Security Lab - 2 upvotes, $1800
  168. [Python]: CWE-079: HTTP Header injection to GitHub Security Lab - 2 upvotes, $1800
  169. [CPP]: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf to GitHub Security Lab - 2 upvotes, $1800
  170. [Java] CWE-348: Use of less trusted source to GitHub Security Lab - 2 upvotes, $1000
  171. [C#]: HttpOnly and Secure Cookies for .NET Core and .NET to GitHub Security Lab - 2 upvotes, $1000
  172. ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code to GitHub Security Lab - 2 upvotes, $500
  173. Yet another SSRF query for Go to GitHub Security Lab - 2 upvotes, $450
  174. Yet another SSRF query for Javascript to GitHub Security Lab - 2 upvotes, $250
  175. Yet another SSRF query for Javascript to GitHub Security Lab - 2 upvotes, $250
  176. Yet another SSRF query for Javascript to GitHub Security Lab - 2 upvotes, $250
  177. [Java] CWE-295: Disabled certificate validation in JXBrowser to GitHub Security Lab - 2 upvotes, $0
  178. [Java]: CWE 295 - Insecure TrustManager - MiTM to GitHub Security Lab - 2 upvotes, $0
  179. [Javascript]: [Clipboard-based XSS] to GitHub Security Lab - 2 upvotes, $0
  180. [C#]: Deserialization sinks to GitHub Security Lab - 1 upvotes, $4500
  181. [Java] CWE-089: MyBatis Mapper XML SQL Injection to GitHub Security Lab - 1 upvotes, $4500
  182. [CATENACYBER]: [CPP] CWE-476 Null Pointer Dereference : Another query to either missing or redundant NULL check to GitHub Security Lab - 1 upvotes, $1800
  183. CodeQL query to detect XSLT injections to GitHub Security Lab - 1 upvotes, $1800
  184. Java: QL Query Detector for JHipster Generated CVE-2019-16303 to GitHub Security Lab - 1 upvotes, $1800
  185. [javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set to GitHub Security Lab - 1 upvotes, $1800
  186. [Java] CWE-601: Add Spring URL Redirect ResponseEntity sink to GitHub Security Lab - 1 upvotes, $1800
  187. [Java] CWE-400: Query to detect uncontrolled thread resource consumption to GitHub Security Lab - 1 upvotes, $1800
  188. [Python]: JWT security-related queries to GitHub Security Lab - 1 upvotes, $1800
  189. [C#] CWE-759: Query to detect password hash without a salt to GitHub Security Lab - 1 upvotes, $1800
  190. 3,880 Pull Requests Generated to fix JHipster RNG Vulnerability CVE-2019-16303 to GitHub Security Lab - 1 upvotes, $1500
  191. [Python]: Add shutil module sinks for path injection query to GitHub Security Lab - 1 upvotes, $1000
  192. CodeQL query to detect SSRF in Python to GitHub Security Lab - 1 upvotes, $500
  193. Java: CWE-918 - Server Side Request Forgery (SSRF) to GitHub Security Lab - 1 upvotes, $250
  194. Add check for disabled HTTPOnly setting in Tomcat to GitHub Security Lab - 1 upvotes, $250
  195. [Java] CWE-295 - Incorrect Hostname Verification - MitM to GitHub Security Lab - 1 upvotes, $0
  196. [JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass to GitHub Security Lab - 1 upvotes, $0
  197. [codeql-go]: Add CWE-79: HTML template escaping passthrough to GitHub Security Lab - 0 upvotes, $4500
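
Every entry above has the same shape (`N. <title> to GitHub Security Lab - <n> upvotes, $<bounty>`), and the titles carry a language tag and often a CWE number, so the list can be mined for which query categories the program actually paid for. The Python below is an added example and not part of the original page or of the GitHub Security Lab program: it parses lines in that format, infers the language from the title prefix (`[Java]`, `Java:`, `Java/CWE-...`, `Golang :`, `[codeql-go]` and similar), extracts CWE identifiers, and aggregates bounties by language and by CWE. The sample input is eight entries copied verbatim from the list above plus the page's own heading line, to show how non-entry lines are reported rather than silently dropped. The regular expressions and the language alias table are my own assumptions about the title conventions seen on this page; entries whose title starts with a reporter handle (for example `ihsinme:` or `porcupiney.hairs :`) are deliberately bucketed as `unspecified`.

```python
import re
from collections import Counter, defaultdict

# One list entry: "N. <title> to GitHub Security Lab - <upvotes> upvotes, $<bounty>".
# The program name is fixed because the page covers a single HackerOne program (assumption).
ENTRY_RE = re.compile(
    r"^\s*(?P<rank>\d+)\.\s+(?P<title>.+?)\s+to\s+GitHub Security Lab"
    r"\s+-\s+(?P<upvotes>\d+)\s+upvotes?,\s+\$(?P<bounty>[\d,]+)\s*$"
)

# CWE ids appear as "CWE-90", "CWE-090", "CWE 295"; leading zeros are normalised away.
CWE_RE = re.compile(r"\bCWE[- ]?0*(\d+)", re.IGNORECASE)

# Spellings of the language tag observed in the titles above, mapped to one key (assumption).
LANG_ALIASES = {
    "java": "java", "python": "python", "cpp": "cpp", "c++": "cpp", "c#": "csharp",
    "go": "go", "golang": "go", "codeql-go": "go",
    "javascript": "javascript", "js": "javascript",
}
BRACKET_LANG_RE = re.compile(r"^\[\s*([A-Za-z#+\-]+)\s*\]")   # "[Java] ...", "[codeql-go]: ..."
PREFIX_LANG_RE = re.compile(r"^([A-Za-z#+\-]+)\s*[(:/]")      # "Java:", "Java (Maven):", "Go/CWE-643"


def detect_language(title: str) -> str:
    """Return the language key named at the start of a title, or 'unspecified'."""
    m = BRACKET_LANG_RE.match(title) or PREFIX_LANG_RE.match(title)
    if not m:
        return "unspecified"
    return LANG_ALIASES.get(m.group(1).lower(), "unspecified")


def parse_entries(text: str):
    """Parse list text; return (entries, unparsed_lines) so malformed lines are visible."""
    entries, unparsed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = ENTRY_RE.match(line)
        if not m:
            unparsed.append(line)
            continue
        title = m.group("title")
        entries.append({
            "rank": int(m.group("rank")),
            "title": title,
            "upvotes": int(m.group("upvotes")),
            "bounty": int(m.group("bounty").replace(",", "")),
            "language": detect_language(title),
            "cwes": sorted({int(c) for c in CWE_RE.findall(title)}),
        })
    return entries, unparsed


def total_bounty(entries) -> int:
    return sum(e["bounty"] for e in entries)


def bounty_by_language(entries):
    """Map language -> (number of reports, total bounty in dollars)."""
    totals = defaultdict(lambda: [0, 0])
    for e in entries:
        totals[e["language"]][0] += 1
        totals[e["language"]][1] += e["bounty"]
    return {lang: (count, total) for lang, (count, total) in totals.items()}


def top_cwes(entries, n=5):
    """Most frequently named CWE ids across the parsed titles."""
    return Counter(c for e in entries for c in e["cwes"]).most_common(n)


# Constructed sample: eight entries copied from the list above, plus the heading line,
# which does not match the entry format and is therefore reported as unparsed.
SAMPLE = """\
Top reports from the GitHub Security Lab program at HackerOne:
1. Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts to GitHub Security Lab - 283 upvotes, $4000
2. [Python] CWE-400: Regular Expression Injection to GitHub Security Lab - 72 upvotes, $4500
6. CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java to GitHub Security Lab - 51 upvotes, $3000
18. CPP: Out of order Linux permission dropping without checking return codes to GitHub Security Lab - 22 upvotes, $1800
21. Golang : Hardcoded secret used for signing JWT to GitHub Security Lab - 18 upvotes, $1800
64. [codeql-go]: Add query to find use of constant state parameter in Oauth2 flow to GitHub Security Lab - 6 upvotes, $4500
127. Go/CWE-643: XPath Injection Query in Go to GitHub Security Lab - 4 upvotes, $0
10. [Python] CWE-090: LDAP Injection to GitHub Security Lab - 33 upvotes, $4500
"""

if __name__ == "__main__":
    entries, unparsed = parse_entries(SAMPLE)
    print(f"parsed {len(entries)} entries, {len(unparsed)} unparsed line(s)")
    print("total bounty:", total_bounty(entries))
    for lang, (count, total) in sorted(bounty_by_language(entries).items()):
        print(f"{lang:12s} {count:3d} reports  ${total}")
    print("top CWEs:", top_cwes(entries, 3))
```

Run against the full list by pasting it into `SAMPLE` or reading it from the `.md` file; the `unparsed` list is worth checking after any paste, since a title containing an unusual character sequence (such as a stray `$`) would otherwise vanish from the totals without notice.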