Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github github vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-1531
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.
Rtx Project Rtx
10
CVSSv2
CVE-2022-1440
Command Injection vulnerability in git-interface@2.1.1 in GitHub repository yarkeev/git-interface before 2.1.2. If both are provided by user input, then the use of a `--upload-pack` command-line argument feature of git is also supported for `git clone`, which would then allow for...
Git-interface Project Git-interface
10
CVSSv2
CVE-2022-0845
Code Injection in GitHub repository pytorchlightning/pytorch-lightning before 1.6.0.
Pytorchlightning Pytorch Lightning
10
CVSSv2
CVE-2022-0848
OS Command Injection in GitHub repository part-db/part-db before 0.5.11.
Part-db Project Part-db
2 Github repositories
10
CVSSv2
CVE-2022-0841
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.
Npm-lockfile Project Npm-lockfile 2.0.3
Npm-lockfile Project Npm-lockfile 2.0.4
10
CVSSv2
CVE-2021-34473
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
17 Github repositories
10 Articles
10
CVSSv2
CVE-2021-26275
The eslint-fixer package up to and including 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been in...
Eslint-fixer Project Eslint-fixer
10
CVSSv2
CVE-2020-27955
Git LFS 2.12.0 allows Remote Code Execution.
Git Large File Storage Project Git Large File Storage 2.12.0
21 Github repositories
10
CVSSv2
CVE-2015-3306
The mod_copy module in ProFTPD 1.3.5 allows remote malicious users to read and write to arbitrary files via the site cpfr and site cpto commands.
Proftpd Proftpd 1.3.5
3 EDB exploits
15 Github repositories
9.3
CVSSv2
CVE-2022-21668
pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an malicious user to insert a specially crafted string inside a comment anywhere within a requirements.txt fil...
Pypa Pipenv
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »