Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55657

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists that allows for a permanent fork pull request workflow approval gate bypass. This issue enables an attacker to circumvent the required approval...

8.9CVSS6AI score0.00201EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2026/03/23 4:0 p.m.9 views

GitHub expands application security coverage with AI‑powered detections

AI is accelerating software development and expanding the range of languages and frameworks used in modern repositories. Security teams are increasingly responsible for protecting code written across many ecosystems, not just the core enterprise languages traditionally covered by static analysis...

6AI score
Exploits0
Cvelist
Cvelist
added 2025/09/30 12:12 a.m.30 views

CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow

serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...

10CVSS0.00342EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/01 9:5 p.m.40 views

CVE-2024-38368 Trunk's 'Claim your pod' could be used to obtain un-used pods

trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the pre-2014 pull request workflow to trunk. If the pods had never been claimed then it was still possible to do so. It was also possible to have all...

9.3CVSS0.14851EPSS
Exploits0References5
Rows per page
Query Builder