| 1 |
[ruby]: ZipSlip/TarSlip vulnerability detection |
$5500.0 |
| 2 |
[Java] CWE-326: Query to detect weak encryption with an insufficient key size |
$4500.0 |
| 3 |
Java: Query for detecting JEXL injections |
$4500.0 |
| 4 |
[Java] CWE-312: Query to detect cleartext storage of sensitive information using Android SharedPreferences |
$4500.0 |
| 5 |
Java: Query for detecting unsafe deserialization with Spring exporters |
$4500.0 |
| 6 |
[Python] CWE-400: Regular Expression Injection |
$4500.0 |
| 7 |
[Python] CWE-090: LDAP Injection |
$4500.0 |
| 8 |
C++: Support Pqxx connector to search for sql injections to Postgres |
$4500.0 |
| 9 |
Java: Unsafe deserialization with Jackson |
$4500.0 |
| 10 |
Java: Timing attacks while comparing results of cryptographic operations |
$4500.0 |
| 11 |
[C#]: Deserialization sinks |
$4500.0 |
| 12 |
[cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics |
$4500.0 |
| 13 |
PYTHON: CWE-079 - Add query for email injection |
$4500.0 |
| 14 |
cpp: if (a+b>c) a=c-b is incorrect if a+b overflows |
$4500.0 |
| 15 |
Java (Maven): Actually fix the use of insecure protocol to download/upload artifacts |
$4000.0 |
| 16 |
CodeQL query for finding LDAP Injection (CWE-90) vulnerabilities in Java |
$3000.0 |
| 17 |
LDAP injection vulnerability in Java |
$2500.0 |
| 18 |
Java (Maven): Use of insecure protocol to download/upload artifacts |
$2300.0 |
| 19 |
CodeQL query to detect JNDI injections |
$2300.0 |
| 20 |
CodeQL query for MVEL injections |
$2300.0 |
| 21 |
CodeQL query for SpEL injections |
$2300.0 |
| 22 |
CodeQL query to detect OGNL injections |
$2300.0 |
| 23 |
Java: CWE-522 Insecure basic authentication |
$2300.0 |
| 24 |
Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks |
$2300.0 |
| 25 |
[Ruby]: Server Side Template Injection |
$2300.0 |
| 26 |
CodeQL query for finding CSRF vulnerabilities in Spring applications |
$1800.0 |
| 27 |
Java/CWE-036: Calling openStream on URLs created from remote source can lead to file disclosure |
$1800.0 |
| 28 |
Initial websocket support for Javascript (SockJS) |
$1800.0 |
| 29 |
[Java] CWE-939 - Address improper URL authorization |
$1800.0 |
| 30 |
CodeQL query to detect open Spring Boot actuator endpoints |
$1800.0 |
| 31 |
CodeQL query for unsafe TLS versions |
$1800.0 |
| 32 |
Java: CWE-297 Insecure JavaMail SSL configuration |
$1800.0 |
| 33 |
Java : CWE-548 - J2EE server directory listing enabled |
$1800.0 |
| 34 |
Java: CWE-273 Unsafe certificate trust |
$1800.0 |
| 35 |
CodeQL query for disabled revocation checking |
$1800.0 |
| 36 |
[CATENACYBER]: [CPP] CWE-476 Null Pointer Dereference : Another query to either missing or redundant NULL check |
$1800.0 |
| 37 |
CodeQL query to detect XSLT injections |
$1800.0 |
| 38 |
[Java] CWE-927: Sensitive broadcast |
$1800.0 |
| 39 |
Java: Detect remote source from Android intent extra |
$1800.0 |
| 40 |
Java: QL Query Detector for JHipster Generated CVE-2019-16303 |
$1800.0 |
| 41 |
CPP: CWE-191 into experimental this reveals a dangerous comparison |
$1800.0 |
| 42 |
[Java] CWE-755: Query to detect Local Android DoS caused by NFE |
$1800.0 |
| 43 |
Java: CWE-600 Uncaught servlet exception |
$1800.0 |
| 44 |
[Java] CWE-555: Query to detect password in Java EE configuration files |
$1800.0 |
| 45 |
ihsinme: CPP Add query for CWE-401 memory leak on unsuccessful call to realloc function |
$1800.0 |
| 46 |
[JavaScript]: add query for Express-HBS LFR |
$1800.0 |
| 47 |
[Java] CWE-522: Insecure LDAP authentication |
$1800.0 |
| 48 |
[Java] CWE-489: Query to detect main() method in Java EE applications |
$1800.0 |
| 49 |
ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat. |
$1800.0 |
| 50 |
[Java] CWE-327: Add more broken crypto algorithms |
$1800.0 |
| 51 |
[Java] CWE-598: Use of GET Request Method with Sensitive Query Strings |
$1800.0 |
| 52 |
[Java] CWE-297: Insecure LDAP endpoint configuration |
$1800.0 |
| 53 |
ihsinme: CPP Add query for CWE-570 detect and handle memory allocation errors. |
$1800.0 |
| 54 |
[Java] Query for detecting Jakarta Expression Language injections |
$1800.0 |
| 55 |
[Java] CWE-094: Rhino code injection |
$1800.0 |
| 56 |
[Java] CWE-094: Jython code injection |
$1800.0 |
| 57 |
[GO]: CWE-326: Insufficient key size |
$1800.0 |
| 58 |
Python: Add support of clickhouse-driver package |
$1800.0 |
| 59 |
ihsinme:CPP Add query for CWE-415 Double Free |
$1800.0 |
| 60 |
[Java]: CWE-730 Regex injection |
$1800.0 |
| 61 |
ihsinme: CPP Add query for CWE-1126: Declaration of Variable with Unnecessarily Wide Scope |
$1800.0 |
| 62 |
ihsinme: CPP Add query for CWE-783 Operator Precedence Logic Error When Use Bool Type |
$1800.0 |
| 63 |
Java: CodeQL query for unsafe RMI deserialization |
$1800.0 |
| 64 |
[Java]: CWE-665 Insecure environment during RMI/JMX Server initialisation - All for one bounty |
$1800.0 |
| 65 |
[Python] CWE-287: LDAP Improper Authentication |
$1800.0 |
| 66 |
Java: Static initialization vector |
$1800.0 |
| 67 |
[Java] CWE-079: Query to detect XSS with JavaServer Faces (JSF) |
$1800.0 |
| 68 |
ihsinme: Add query for CWE-758 Reliance on Undefined, Unspecified, or Implementation-Defined Behavior |
$1800.0 |
| 69 |
[Python] CWE-522: Insecure LDAP Authentication |
$1800.0 |
| 70 |
[Java] CWE-200: Query to detect exposure of sensitive information from android file intent |
$1800.0 |
| 71 |
[Java] CWE-502: Unsafe deserialization with three JSON frameworks |
$1800.0 |
| 72 |
[Java] CWE-552: Query to detect unsafe request dispatcher usage |
$1800.0 |
| 73 |
[Java] CWE-400: Query to detect uncontrolled thread resource consumption |
$1800.0 |
| 74 |
[Python]: JWT security-related queries |
$1800.0 |
| 75 |
[Python]: CWE-079: HTTP Header injection |
$1800.0 |
| 76 |
[Java]: CWE-200 - Query to detect insecure WebResourceResponse implementation |
$1800.0 |
| 77 |
[Python]: CWE-611: XXE |
$1800.0 |
| 78 |
Python: CWE-338 insecureRandomness |
$1800.0 |
| 79 |
[C#] CWE-759: Query to detect password hash without a salt |
$1800.0 |
| 80 |
CPP: Add query for CWE-266 Incorrect Privilege Assignment |
$1800.0 |
| 81 |
[Java]: CWE-073 - File path injection with the JFinal framework |
$1800.0 |
| 82 |
Java: An experimental query for ignored hostname verification |
$1800.0 |
| 83 |
[Java]: CWE-321 - Query to detect hardcoded JWT secret keys |
$1800.0 |
| 84 |
[Java]: CWE-552 Add sources and sinks to detect unsafe getResource calls in Java EE applications |
$1800.0 |
| 85 |
[CPP]: Add query for CWE-754: Improper Check for Unusual or Exceptional Conditions when using functions scanf |
$1800.0 |
| 86 |
[Java]: Flow sources and steps for JMS and RabbitMQ |
$1800.0 |
| 87 |
[CPP]: Add query for CWE-297: Improper Validation of Certificate with Host Mismatch |
$1800.0 |
| 88 |
[JAVA]: Partial Path Traversal |
$1800.0 |
| 89 |
[Javascript]: Add new queries for Javascript Github Actions |
$1800.0 |
| 90 |
[Python]: Timing attack |
$1800.0 |
| 91 |
[CPP]: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions |
$1800.0 |
| 92 |
Netty HTTP Response Splitting (CRLF Injection) due to disabled header validation |
$1500.0 |
| 93 |
Java: CWE-939 - Address improper URL authorization |
$1500.0 |
| 94 |
3,880 Pull Requests Generated to fix JHipster RNG Vulnerability CVE-2019-16303 |
$1500.0 |
| 95 |
Adds CodeQL query to check for insecure RequestValidationMode in ASP.NET |
$1000.0 |
| 96 |
CodeQL query to detect pages with validationRequest disabled |
$1000.0 |
| 97 |
CodeQL query to detect insecure MaxLengthRequest values in ASP.NET applications |
$1000.0 |
| 98 |
CodeQL query for finding ReDoS and Regex Injection vulnerabilities in Java |
$1000.0 |
| 99 |
Java: CWE-798 - Hardcoded AWS credentials |
$1000.0 |
| 100 |
ihsinme: CPP Add query for CWE-14 compiler removal of code to clear buffers. |
$1000.0 |
| 101 |
ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strlen. |
$1000.0 |
| 102 |
ihsinme: CPP add query for: CPP Add query for CWE-20 Improper Input Validation |
$1000.0 |
| 103 |
[Java] CWE-759: Query to detect password hash without a salt |
$1000.0 |
| 104 |
[Java] CWE-1004: Query to check sensitive cookies without the HttpOnly flag set |
$1000.0 |
| 105 |
ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management When Using Bit Operations |
$1000.0 |
| 106 |
[GO] CWE-1004: Sensitive cookie without HttpOnly |
$1000.0 |
| 107 |
[JavaScript]: CWE-1004: Sensitive cookie without HttpOnly |
$1000.0 |
| 108 |
[C#]: HttpOnly and Secure Cookies for .NET Core and .NET |
$1000.0 |
| 109 |
Java: Regex injection |
$1000.0 |
| 110 |
ihsinme: CPP Add query for CWE-675 Duplicate Operations on Resource |
$1000.0 |
| 111 |
CPP: Add query for CWE-377 Insecure Temporary File |
$1000.0 |
| 112 |
[Java]: Timing attacks while comparing the headers value |
$1000.0 |
| 113 |
ihsinme: CPP Add a query to find incorrectly used exceptions. |
$1000.0 |
| 114 |
[python]: Zip Slip Vulnerability |
$1000.0 |
| 115 |
CPP: Add query for CWE-243 Creation of chroot Jail Without Changing Working Directory |
$1000.0 |
| 116 |
[Java]: CWE-625 - Query to detect regex dot bypass |
$1000.0 |
| 117 |
[CPP]: Add query for CWE-125 Out-of-bounds Read with different interpretation of the string when use mbtowc |
$1000.0 |
| 118 |
[CPP]Add query to detect bugs like CVE-2017-5123 |
$1000.0 |
| 119 |
[Go]: Add Beego.Input.RequestBody source to Beego framework |
$1000.0 |
| 120 |
JavaScript: Add some new XSS sinks and sources of Next.js (and some extra improvements) |
$1000.0 |
| 121 |
CPP: Add query for CWE-369: Divide By Zero. |
$1000.0 |
| 122 |
CodeQL query to detect weak (duplicated) encryption keys for ASP.NET Telerik Upload |
$500.0 |
| 123 |
Java: CWE-532 sensitive info logging |
$500.0 |
| 124 |
CodeQL query to detect SSRF in Python |
$500.0 |
| 125 |
ihsinme: CPP Add query for CWE-691 Insufficient Control Flow Management After Refactoring The Code |
$500.0 |
| 126 |
[CPP]: Add query for CWE-190: Integer Overflow or Wraparound when using transform after operation |
$500.0 |
| 127 |
[Java] CWE-016: Query to detect insecure configuration of Spring Boot Actuator |
$500.0 |
| 128 |
Yet another SSRF query for Go |
$450.0 |
| 129 |
Yet another SSRF query for Go |
$450.0 |
| 130 |
Java: CWE-918 - Server Side Request Forgery (SSRF) |
$250.0 |
| 131 |
[Java]: CWE-523 Insecure HSTS configuration |
$250.0 |
| 132 |
Yet another SSRF query for Javascript |
$250.0 |
| 133 |
Yet another SSRF query for Javascript |
$250.0 |
| 134 |
CWE-094 ScriptEngine in java |
$0.0 |
| 135 |
XPath Injection query in java |
$0.0 |
| 136 |
Dynamic reflection class |
$0.0 |
| 137 |
CPP: Out of order Linux permission dropping without checking return codes |
$0.0 |
| 138 |
Go/CWE-643: XPath Injection Query in Go |
$0.0 |
| 139 |
CPP: Out of order Linux permission dropping without checking return codes |
$0.0 |
| 140 |
CPP: Missing/incomplete TLS server certificate hostname validation |
$0.0 |
| 141 |
gagliardetto: Query to detect incorrect conversion between numeric types |
$0.0 |
| 142 |
CodeQL query to detect Server-Side Template Injections (JavaScript) |
$0.0 |
| 143 |
[Java] CWE-295 - Incorrect Hostname Verification - MitM |
$0.0 |
| 144 |
[javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage |
$0.0 |
| 145 |
Python : Add query to detect Server Side Template Injection |
$0.0 |
| 146 |
Golang : Improvements to Golang SSRF query |
$0.0 |
| 147 |
[javascript] CWE-117: CodeQL query to detect Log Injection |
$0.0 |
| 148 |
Query to find TLS configurations supporting hardcoded insecure versions of the protocol and cipher suites |
$0.0 |
| 149 |
Java : add MongoDB injection sinks |
$0.0 |
| 150 |
Java: Add SSRF query for Java |
$0.0 |
| 151 |
[javascript] CWE-614: CodeQL query to detect if cookies are sent without the flag secure being set |
$0.0 |
| 152 |
codeql-go: Expand Go standard library taint-tracking models to 63 packages, 554 models and 733 tests (from ~13 packages, ~103 models, ~50 tests) |
$0.0 |
| 153 |
[javascript] CWE-90: CodeQL to detect LDAP Injection |
$0.0 |
| 154 |
Java : add fastjson detection. Improve RemoteFlowSource class, support SpringMvc |
$0.0 |
| 155 |
Add check for disabled HTTPOnly setting in Tomcat |
$0.0 |
| 156 |
Golang : Add MongoDb NoSQL injection sinks |
$0.0 |
| 157 |
Golang : Add Email Content Injection query |
$0.0 |
| 158 |
[Java] CWE-295: Disabled certificate validation in JXBrowser |
$0.0 |
| 159 |
[golang] Division by zero query |
$0.0 |
| 160 |
Java : Add a query to detect Spring View Manipulation Vulnerability |
$0.0 |
| 161 |
Java : Add query to detect Apache Struts enabled Development mode |
$0.0 |
| 162 |
Java: Fix NashornScriptEngine detection in ScriptEngine query |
$0.0 |
| 163 |
[codeql-go]: Add query to find use of constant state parameter in Oauth2 flow |
$0.0 |
| 164 |
Java : Add query for detecting Log Injection vulenrabilities |
$0.0 |
| 165 |
Java : Add query for detecting Log Injection vulenrabilities |
$0.0 |
| 166 |
Java: CWE-346 Queries to detect remote source flow to CORS Headers |
$0.0 |
| 167 |
Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') |
$0.0 |
| 168 |
[codeql-go]: Add CWE-79: HTML template escaping passthrough |
$0.0 |
| 169 |
porcupiney.hairs : Java/Android - Insecure Loading of a Dex File |
$0.0 |
| 170 |
[JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass |
$0.0 |
| 171 |
[Java] CWE-348: Use of less trusted source |
$0.0 |
| 172 |
Java: JSONP Injection |
$0.0 |
| 173 |
[Java] CWE-094: Query to detect Groovy Code Injections |
$0.0 |
| 174 |
[Java]: CWE-601 Spring url redirection detect |
$0.0 |
| 175 |
[Java] CWE-078: Add JSch lib OS Command Injection sink |
$0.0 |
| 176 |
[JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass |
$0.0 |
| 177 |
[Java] CWE-295 - Incorrect Hostname Verification - MitM |
$0.0 |
| 178 |
[Java] BeanShell Injection |
$0.0 |
| 179 |
[Java]: CWE-502 Add UnsafeDeserialization sinks |
$0.0 |
| 180 |
[Java]: CWE 295 - Insecure TrustManager - MiTM |
$0.0 |
| 181 |
[Java] JShell Injection |
$0.0 |
| 182 |
[Java]: CWE 295 - Insecure TrustManager - MiTM |
$0.0 |
| 183 |
[Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks |
$0.0 |
| 184 |
[go]: Add query for detecting CORS misconfiguration |
$0.0 |
| 185 |
[Java] CWE-601: Add Spring URL Redirect ResponseEntity sink |
$0.0 |
| 186 |
[Python]: Add SqlAlchemy support for SQL injection query |
$0.0 |
| 187 |
[Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') |
$0.0 |
| 188 |
[Python] CWE-943: Add NoSQL Injection Query |
$0.0 |
| 189 |
[Java]: Add XXE sinks |
$0.0 |
| 190 |
New experimental query: Clipboard-based XSS |
$0.0 |
| 191 |
[Python] CWE-348: Client supplied ip used in security check |
$0.0 |
| 192 |
[Python]: CWE-117 Log Injection |
$0.0 |
| 193 |
[Java] CWE-552: Unsafe url forward |
$0.0 |
| 194 |
C# : Add query to detect Server Side Request Forgery |
$0.0 |
| 195 |
[Java] CWE-089: MyBatis Mapper XML SQL Injection |
$0.0 |
| 196 |
[Javascript]: [Clipboard-based XSS] |
$0.0 |
| 197 |
[GO]: [CWE-090: LDAP Injection All For One] |
$0.0 |
| 198 |
Yet another SSRF query for Go |
$0.0 |
| 199 |
Yet another SSRF query for Javascript |
$0.0 |
| 200 |
Yet another SSRF query for Go |
$0.0 |
| 201 |
Yet another SSRF query for Javascript |
$0.0 |
| 202 |
[Java]: Add JDBC connection SSRF sinks |
$0.0 |
| 203 |
Java : Add query to detect Server Side Template Injection (SSTI) |
$0.0 |
| 204 |
[Python]: Add shutil module sinks for path injection query |
$0.0 |
| 205 |
[Python]: Add Server-side Request Forgery sinks |
$0.0 |
| 206 |
Golang : Hardcoded secret used for signing JWT |
$0.0 |
| 207 |
Golang : Add Query To Detect PAM Authorization Bugs |
$0.0 |
| 208 |
[porcupiney.hairs]: [Python] Add Flask Path injection sinks |
$0.0 |
| 209 |
CPP: Pam Authorization Bypass |
$0.0 |
| 210 |
C/C++: Command injection via wordexp |
$0.0 |
| 211 |
[python] TarSlip vulnerability improvements |
$0.0 |
| 212 |
Python : Add query to detect PAM authorization bypass |
$0.0 |
| 213 |
[Python] Unsafe unpacking using shutil.unpack_archive() query and tests |
$0.0 |
| 214 |
[Python] Add Unicode Bypass Validation query tests and help |
$0.0 |
| 215 |
[Python] Unsafe Unpacking and TarSlip bug slaying |
$0.0 |
| 216 |
[python]: Add some dangerous sinks for paramiko ssh clients |
$0.0 |
| 217 |
Go : Add more JWT sinks |
$0.0 |