Vulnerabilities > Github > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-31 CVE-2023-26485 Unspecified vulnerability in Github Cmark-Gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C.
network
low complexity
github
7.5
2023-03-08 CVE-2023-23760 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site.
network
low complexity
github CWE-22
8.8
2023-03-02 CVE-2023-22381 Code Injection vulnerability in Github Enterprise Server
A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner.
network
low complexity
github CWE-94
8.8
2023-01-26 CVE-2023-22486 Resource Exhaustion vulnerability in Github Cmark-Gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C.
network
low complexity
github CWE-400
7.5
2023-01-23 CVE-2023-22483 Algorithmic Complexity vulnerability in Github Cmark-Gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C.
network
low complexity
github CWE-407
7.5
2023-01-23 CVE-2023-22484 Algorithmic Complexity vulnerability in Github Cmark-Gfm
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C.
network
low complexity
github CWE-407
7.5
2022-12-14 CVE-2022-23741 Incorrect Authorization vulnerability in Github Enterprise Server
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges.
network
low complexity
github CWE-863
7.2
2022-12-14 CVE-2022-46256 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site.
network
low complexity
github CWE-22
8.8
2022-11-23 CVE-2022-23740 Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution.
network
low complexity
github CWE-88
8.8
2022-10-19 CVE-2022-23734 Deserialization of Untrusted Data vulnerability in Github Enterprise Server
A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBridge.
network
low complexity
github CWE-502
8.8