Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github github vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-4281
A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.yml. The manipulation leads to os command injection. The name of the patch is 55b5a234c0fab935df5fb08365b...
Forthebadge For The Badge
9.8
CVSSv3
CVE-2022-4686
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos before 0.9.0.
Usememos Memos
9.8
CVSSv3
CVE-2022-4606
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress before 1.3.
Flatpress Flatpress
9.8
CVSSv3
CVE-2022-46255
An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary...
Github Enterprise Server 3.7.0
9.8
CVSSv3
CVE-2022-4446
PHP Remote File Inclusion in GitHub repository tsolucio/corebos before 8.0.
Corebos Corebos
9.8
CVSSv3
CVE-2022-4314
Improper Privilege Management in GitHub repository ikus060/rdiffweb before 2.5.2.
Ikus-soft Rdiffweb
9.8
CVSSv3
CVE-2022-3520
Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.0765.
Vim Vim
9.8
CVSSv3
CVE-2022-3751
SQL Injection in GitHub repository owncast/owncast before 0.0.13.
Owncast Project Owncast
9.8
CVSSv3
CVE-2022-41912
The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version.
Saml Project Saml
9.8
CVSSv3
CVE-2022-2650
Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger before 2.2.
Wger Wger
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »