Vulnerabilities > Github

DATE CVE VULNERABILITY TITLE RISK
2022-08-15 CVE-2022-35954 Injection vulnerability in Github Toolkit
The GitHub Actions ToolKit provides a set of packages to make creating actions easier.
network
low complexity
github CWE-74
5.0
2022-08-02 CVE-2022-23733 Cross-site Scripting vulnerability in Github Enterprise Server
A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes.
network
low complexity
github CWE-79
5.4
2022-04-05 CVE-2022-23732 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections.
network
low complexity
github CWE-22
8.8
2022-03-03 CVE-2022-24724 cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark.
network
low complexity
github fedoraproject
critical
9.8
2022-03-02 CVE-2022-24722 Cross-site Scripting vulnerability in Github Viewcomponent
VIewComponent is a framework for building view components in Ruby on Rails.
network
low complexity
github CWE-79
6.1
2022-02-18 CVE-2021-41599 Unspecified vulnerability in Github Enterprise Server
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site.
network
low complexity
github
8.8
2022-02-01 CVE-2022-21687 Improper Input Validation vulnerability in Github Gh-Ost
gh-ost is a triggerless online schema migration solution for MySQL.
network
low complexity
github CWE-20
6.5
2022-01-25 CVE-2021-41598 Unspecified vulnerability in Github Enterprise Server
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval.
network
low complexity
github
8.8
2021-11-10 CVE-2021-22870 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files.
network
low complexity
github CWE-22
6.5
2021-09-24 CVE-2021-22868 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site.
network
low complexity
github CWE-22
4.3