Skip to main content
CVE-2021-22869 CRITICAL Act Now

An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Enterprise Server
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-40102 CRITICAL Act Now

An issue was discovered in Concrete CMS through 8.5.5. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization PHP Concrete Cms
NVD
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy