Leveraging machine learning to find security vulnerabilities
A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts.
Dedicated to advancing the understanding and detection of software vulnerabilities—and explaining the latest vulnerability research from the GitHub Security Lab. Go behind the scenes with the GitHub Security Lab, a collaborative initiative that brings together security researchers, developers, and organizations to find and fix security vulnerabilities in open source software.
A behind-the-scenes peek into the machine learning framework powering new code scanning security alerts.
A comprehensive guide for vulnerability reporters.
How to exploit a double-free vulnerability in Ubuntu’s accountsservice (CVE-2021-3939)
Recently, the Copyright Office responded to the calls to clarify the scope of protected security research.
In this post, I’ll use three bugs that I reported to Qualcomm in the NPU (neural processing unit) driver to gain arbitrary kernel code execution as root user and disable SELinux from the untrusted app sandbox in an Android phone.
The Exiv2 team tightened our security by enabling GitHub’s code scanning feature and adding custom queries tailored to the Exiv2 code base.
This post is a technical analysis of a recently disclosed Chrome vulnerability in the garbage collector of v8 (CVE-2021-37975) that was believed to be exploited in the wild. This vulnerability was reported by an anonymous researcher and was patched on September 30, 2021 in Chrome version 94.0.4606.71. I’ll cover the root cause analysis of the bug, as well as detailed exploitation.
GitHub’s bug bounty team is excited to kick off Cybersecurity Awareness Month with a spotlight on two security researchers who participate in the GitHub Security Bug Bounty Program.
In this post, I’ll exploit a use-after-free (CVE-2021-30528) in the Chrome browser process that I reported to escape the Chrome sandbox. This is a fairly interesting bug that shows some of the subtleties involved in the interactions between C++ and Java in the Android version of Chrome.
This post is a technical analysis of a recently disclosed Chrome JIT vulnerability (CVE-2021-30632) that was believed to be exploited in the wild. This vulnerability was reported by an anonymous researcher and was patched on September 13, 2021 in Chrome version 93.0.4577.82. I’ll cover the root cause analysis of the bug, as well as detailed exploitation.
During an audit of Apache Dubbo v2.7.8 source code, I found multiple vulnerabilities enabling attackers to compromise and run arbitrary system commands on both Dubbo consumers and providers. In this blog post I detailed how I leveraged CodeQL as an audit oracle to help me find these issues.
We put out a call to open source developers and security researchers to talk about the security vulnerability disclosure process. Here’s what we found.
Between July 21, 2021 and August 13, 2021 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist.
GitHub’s bug bounty program is now a mature component of how we improve product security. We’re excited to highlight some achievements (and interesting vulnerabilities)!
polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.