Vulmon
github github vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-3975
OS Command Injection in GitHub repository jgraph/drawio before 21.5.0.
Diagrams Drawio
9.8
CVSSv3
CVE-2023-35941
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the som...
Envoyproxy Envoy
9.8
CVSSv3
CVE-2020-36762
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgradi...
Ons Ras Collection Instrument
9.8
CVSSv3
CVE-2023-3696
Prototype Pollution in GitHub repository automattic/mongoose before 7.3.4.
Mongoosejs Mongoose
9.8
CVSSv3
CVE-2023-3490
SQL Injection in GitHub repository fossbilling/fossbilling before 0.5.3.
Fossbilling Fossbilling
9.8
CVSSv3
CVE-2023-3224
Code Injection in GitHub repository nuxt/nuxt before 3.5.3.
Nuxt Nuxt
1 Github repository
9.8
CVSSv3
CVE-2023-3173
Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor before 2.0.20.
Froxlor Froxlor
9.8
CVSSv3
CVE-2023-34111
The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of `${{ github.event.pull_request.title }}` in a bash co...
Tdengine Grafana
9.8
CVSSv3
CVE-2023-3069
Unverified Password Change in GitHub repository tsolucio/corebos before 8.
Corebos Corebos
9.8
CVSSv3
CVE-2023-2972
Prototype Pollution in GitHub repository antfu/utils before 0.7.3.
Antfu Utils