Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github github vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-1269
Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments before 1.5.0.
Easyappointments Easyappointments
9.8
CVSSv3
CVE-2022-2024
OS Command Injection in GitHub repository gogs/gogs before 0.12.11.
Gogs Gogs
9.8
CVSSv3
CVE-2023-0947
Path Traversal in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
9.8
CVSSv3
CVE-2023-0788
Code Injection in GitHub repository thorsten/phpmyfaq before 3.1.11.
Phpmyfaq Phpmyfaq
9.8
CVSSv3
CVE-2023-0789
Command Injection in GitHub repository thorsten/phpmyfaq before 3.1.11.
Phpmyfaq Phpmyfaq
9.8
CVSSv3
CVE-2023-25560
DataHub is an open-source metadata platform. The AuthServiceClient which is responsible for creation of new accounts, verifying credentials, resetting them or requesting access tokens, crafts multiple JSON strings using format strings with user-controlled data. This means that an...
Datahub Project Datahub
9.8
CVSSv3
CVE-2023-25561
DataHub is an open-source metadata platform. In the event a system is using Java Authentication and Authorization Service (JAAS) authentication and that system is given a configuration which contains an error, the authentication for the system will fail open and allow an maliciou...
Datahub Project Datahub
9.8
CVSSv3
CVE-2023-25562
DataHub is an open-source metadata platform. In versions of DataHub before 0.8.45 Session cookies are only cleared on new sign-in events and not on logout events. Any authentication checks using the `AuthUtils.hasValidSessionCookie()` method could be bypassed by using a cookie fr...
Datahub Project Datahub
9.8
CVSSv3
CVE-2023-0777
Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa before 2.0.4.
Modoboa Modoboa
9.8
CVSSv3
CVE-2023-0744
Improper Access Control in GitHub repository answerdev/answer before 1.0.4.
Answer Answer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »