121 | Sonar is destroying my job and it's driving me to despair | 2024-07-02
115 | Union, intersection, difference, and more are coming to JavaScript Sets | 2024-02-19
43 | Zabbix – A Case Study of Unsafe Session Storage | 2022-02-18
5 | Unknown Security Pitfalls for Python (2021) | 2022-01-31
4 | Supply Chain Attack on Composer | 2021-04-29
4 | Code Vulnerabilities Leak Emails in Proton Mail | 2023-09-06
3 | Encoding Differentials: Why Charset Matters | 2024-07-17
3 | __dirname is back in Node.js with ES modules | 2024-05-02
3 | Vulnerable Regular Expressions in JavaScript | 2023-12-19
3 | PfSense Security: Sensing Code Vulnerabilities with SonarCloud | 2023-12-12
3 | Disclosing information with a side-channel in Django | 2022-07-29
3 | Securing Developer Tools: Git Integrations | 2022-03-16
3 | Cognitive Complexity (2017) [pdf] | 2021-07-15
2 | Sanitize Client-Side: Why Server-Side HTML Sanitization Is Doomed to Fail | 2024-11-07
2 | Unpatched Vulnerabilities in Gogs | 2024-07-04
2 | Stop Nesting Ternaries in JavaScript | 2023-12-12
2 | Remote Code Execution in Tutanota Desktop Due to Code Flaw | 2023-09-22
2 | SonarQube: Open-source tool for continuous inspection of code quality | 2022-12-24
2 | Securing Developer Tools: Argument Injection in Visual Studio Code | 2022-08-23
2 | Horde Webmail 5.2.22 – Account Takeover via Email | 2022-04-04
2 | Yarn, Pip, Composer and co: Vulnerabilities in popular package managers | 2022-03-09
2 | Zabbix SAML Authentication Bypass (CVE-2022-23131) and more | 2022-02-17
2 | Sonarsource's PL/I static code analysis rules | 2021-07-26
2 | Code security: now there's a tool for developers | 2020-12-14
2 | Code Security Advent Calendar 2020 | 2020-11-30
2 | For secure code, maintainability matters | 2020-10-20
2 | False positives are our enemies, but may still be your friends | 2020-09-16
2 | Getting timely, accurate feedback on your C++ from the SonarQube ecosystem | 2020-09-14
1 | Structure101 Joins Sonar | 2024-10-16
1 | WordPress Vulnerability – Since 2017? | 2023-01-09
1 | Checkmk: Remote Code Execution by Chaining Multiple Bugs (2/3) | 2022-11-14
1 | Continuous Inspection | 2012-12-20
1 | Exploiting File Writes in Hardened Environments - From HTTP Request to ROP Chain | 2024-11-13
1 | mXSS: Mutation Cross-Site Scripting Explainer | 2024-10-10
1 | Increase Readability with Java's Pattern Matching | 2024-03-06
1 | Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins | 2024-01-27
1 | Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity | 2023-10-02
1 | Hands on with the built-in Node.js test runner | 2023-06-30
1 | ES2023 introduces new array copying methods to JavaScript | 2023-05-11
1 | Code Security Advent Calendar 2021 | 2021-11-30
1 | SonarCloud finds bugs in high-quality Python projects | 2020-11-03
1 | RCE in OpenEMR 5.0.2.1 Electronic Medical Records | 2020-10-29
1 | Lay a strong foundation by writing secure C and C++ utilities | 2020-10-14
1 | What's worse than coding without tests? Coding with bad tests | 2020-08-11
1 | Sonarsource, detect C++ buffer overflows in Posix functions | 2020-05-28
1 | Cognitive Complexity, Because Testability = Understandability | 2017-01-05
3 | Sonar to Acquire Tidelift to Reduce Risk from Open Source Software | 2024-12-19