Vulnerabilities > Github > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-31 | CVE-2023-26485 | Resource Exhaustion vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-03-08 | CVE-2023-23760 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. | 8.8 |
| 2023-03-02 | CVE-2023-22381 | Code Injection vulnerability in Github Enterprise Server A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. | 8.8 |
| 2023-01-26 | CVE-2023-22486 | Resource Exhaustion vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-01-23 | CVE-2023-22483 | Algorithmic Complexity vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-01-23 | CVE-2023-22484 | Algorithmic Complexity vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2022-12-14 | CVE-2022-23741 | Incorrect Authorization vulnerability in Github Enterprise Server An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. | 7.2 |
| 2022-12-14 | CVE-2022-46256 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. | 8.8 |
| 2022-11-23 | CVE-2022-23740 | Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0 CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. | 8.8 |
| 2022-10-19 | CVE-2022-23734 | Deserialization of Untrusted Data vulnerability in Github Enterprise Server A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBridge. | 8.8 |