Vulmon
github github vulnerabilities and exploits
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
75 Github repositories
6 Articles
10
CVSSv3
CVE-2023-3765
Absolute Path Traversal in GitHub repository mlflow/mlflow before 2.5.0.
Lfprojects Mlflow
10
CVSSv3
CVE-2023-3432
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml before 1.2023.9.
Plantuml Plantuml
Fedoraproject Fedora 39
10
CVSSv3
CVE-2023-2583
Code Injection in GitHub repository jsreport/jsreport before 3.11.3.
Jsreport Jsreport
10
CVSSv3
CVE-2023-2564
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.
Scanservjs Project Scanservjs
10
CVSSv3
CVE-2022-2595
Improper Authorization in GitHub repository kromitgmbh/titra before 0.79.1.
Kromit Titra
9.9
CVSSv3
CVE-2022-39321
GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these d...
Github Runner
9.9
CVSSv3
CVE-2022-2884
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 before 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3.1 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.
Gitlab Gitlab
1 Github repository
9.9
CVSSv3
CVE-2022-2992
A vulnerability in GitLab CE/EE affecting all versions from 11.10 before 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.
Gitlab Gitlab
5 Github repositories
9.9
CVSSv3
CVE-2022-0939
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web before 0.6.18.
Calibre-web Project Calibre-web