CVE-2022-31538

The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31530

The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31512

The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31549

The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31576

The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31505

The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31541

The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-0085

Server-Side Request Forgery SSRF in GitHub repository dompdf/dompdf prior to 2.0.0...

CVE-2022-0986

Reflected Cross-site Scripting XSS Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11...

CVE-2022-0753

Cross-site Scripting XSS - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9...

CVE-2017-18365

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...

CVE-2020-10518

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the...

CVE-2020-10516

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

CVE-2020-10517

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any repository conten...

CVE-2020-10519

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the...

CVE-2023-4189

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

CVE-2023-4756

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2023-4721

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2023-4190

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11...

CVE-2023-4127

Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1...