Vulnerabilities > Github

DATE CVE VULNERABILITY TITLE RISK
2023-01-08 CVE-2015-10031 Unspecified vulnerability in Github 491-Project
A vulnerability classified as critical was found in purpleparrots 491-Project.
network
low complexity
github
critical
9.8
2022-12-14 CVE-2022-23741 Incorrect Authorization vulnerability in Github Enterprise Server
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges.
network
low complexity
github CWE-863
7.2
2022-12-14 CVE-2022-46255 Path Traversal vulnerability in Github Enterprise Server 3.7.0
An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution.
network
low complexity
github CWE-22
critical
9.8
2022-12-14 CVE-2022-46256 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site.
network
low complexity
github CWE-22
8.8
2022-12-01 CVE-2022-23737 Improper Privilege Management vulnerability in Github Enterprise Server
An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API.
network
low complexity
github CWE-269
6.5
2022-11-23 CVE-2022-23740 Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution.
network
low complexity
github CWE-88
8.8
2022-11-01 CVE-2022-23738 Files or Directories Accessible to External Parties vulnerability in Github Enterprise Server
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository.
network
low complexity
github CWE-552
5.7
2022-10-25 CVE-2022-39321 OS Command Injection vulnerability in Github Runner
GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow.
network
low complexity
github CWE-78
critical
9.9
2022-10-19 CVE-2022-23734 Deserialization of Untrusted Data vulnerability in Github Enterprise Server
A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBridge.
network
low complexity
github CWE-502
8.8
2022-09-15 CVE-2022-39209 Algorithmic Complexity vulnerability in multiple products
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C.
network
low complexity
github fedoraproject CWE-407
6.5