Vulnerabilities > Github > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2022-23739 | Incorrect Authorization vulnerability in Github Enterprise Server An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. | 9.8 |
| 2023-01-08 | CVE-2015-10031 | SQL Injection vulnerability in Github 491-Project A vulnerability classified as critical was found in purpleparrots 491-Project. | 9.8 |
| 2022-12-14 | CVE-2022-46255 | Path Traversal vulnerability in Github Enterprise Server 3.7.0 An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. | 9.8 |
| 2022-10-25 | CVE-2022-39321 | OS Command Injection vulnerability in Github Runner GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. | 9.9 |
| 2022-03-03 | CVE-2022-24724 | Integer Overflow or Wraparound vulnerability in multiple products cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. | 9.8 |
| 2021-09-24 | CVE-2021-22869 | Improper Authentication vulnerability in Github Enterprise Server An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. | 9.8 |