GitHub-Security-Lab

26 posts

We are excited to introduce the new CodeQL Community Packs, a comprehensive set of queries and models designed to enhance your code analysis capabilities. These packs are tailored to augment… The post Announcing CodeQL Community Packs appeared first on The GitHub Blog.

Alvaro Munoz, 12/23/2024

In this post, I’ll walk you through the vulnerabilities I uncovered in the GStreamer library and how I built a custom fuzzing generator to target MP4 files. The post Uncovering GStreamer secrets appeared first on The GitHub Blog.

Antonio Morales, 12/17/2024

Learn how I discovered 11 new vulnerabilities by writing CodeQL models for Gradio framework and how you can do it, too. The post CodeQL zero to hero part 4: Gradio framework case study appeared first on The GitHub Blog.

Sylwia Budzynska, 12/11/2024

Learn about browser extension security and secure your extensions with the help of CodeQL. The post Attacking browser extensions appeared first on The GitHub Blog.

Kevin Stubbings, 10/24/2024

Vulnerability data has grown in volume and complexity over the past decade, but open source and programs like the GitHub Security Lab have helped supply chain security keep pace. The post Securing the open source supply chain: The essential role of CVEs appeared first on The GitHub Blog.

Madison Oliver, 10/21/2024

In this post, I'll exploit CVE-2024-5830, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. The post From object transition to RCE in the Chrome renderer appeared first on The GitHub Blog.

Man Yue Mo, 8/13/2024

In this blog post, we'll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited. The post 3 ways to get Remote Code Execution in Kafka UI appeared first on The GitHub Blog.

Michael Stepankin, 7/22/2024

In this post, I'll exploit CVE-2024-3833, an object corruption bug in V8, the JavaScript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. The post Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties appeared first on The GitHub Blog.

Man Yue Mo, 6/26/2024

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects. The post Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects appeared first on The GitHub Blog.

Peter Stöckli, 6/20/2024

Learn how to use CodeQL for security research and improve your security research workflow. The post CodeQL zero to hero part 3: Security research with CodeQL appeared first on The GitHub Blog.

Sylwia Budzynska, 4/29/2024

This blog post is an in-depth walkthrough on how we perform security research leveraging GitHub features, including code scanning, CodeQL, and Codespaces. The post Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting appeared first on The GitHub Blog.

Jorge Rosillo, 4/3/2024

In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that allows a malicious app to gain arbitrary kernel code execution and root on an Android phone. I’ll show how this vulnerability can be exploited even when Memory Tagging Extension (MTE), a powerful mitigation, is enabled on the device. The post Gaining kernel code execution on an MTE-enabled Pixel 8 appeared first on The GitHub Blog.

Man Yue Mo, 3/18/2024

The GitHub Security Lab teamed up with Ekoparty once again to create some challenges for its yearly Capture the Flag competition! The post GitHub and the Ekoparty 2023 Capture the Flag appeared first on The GitHub Blog.

Logan MacLaren, 1/8/2024

This blog post describes two linked vulnerabilities found in Frigate, an AI-powered security camera manager, that could have enabled an attacker to silently gain remote code execution. The post Securing our home labs: Frigate code review appeared first on The GitHub Blog.

Logan MacLaren, 12/13/2023

Using CVE-2023-43641 as an example, I’ll explain how to develop an exploit for a memory corruption vulnerability on Linux. The exploit has to bypass several mitigations to achieve code execution. The post Cueing up a calculator: an introduction to exploit development on Linux appeared first on The GitHub Blog.

Kevin Backhouse, 12/6/2023

The GitHub Security Lab examined the most popular open source software running on our home labs, with the aim of enhancing its security. Here's what we found and what you can do to better protect your own smart home. The post Securing our home labs: Home Assistant code review appeared first on The GitHub Blog.

Alvaro Munoz, 11/30/2023

In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. The post Getting RCE in Chrome with incomplete object initialization in the Maglev compiler appeared first on The GitHub Blog.

Man Yue Mo, 10/17/2023

CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME. The post Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641) appeared first on The GitHub Blog.

Kevin Backhouse, 10/9/2023

In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site. The post Getting RCE in Chrome with incorrect side effect in the JIT compiler appeared first on The GitHub Blog.

Man Yue Mo, 9/26/2023