Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise repository vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3470
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an malicious user to use a deploy key pertaining to an organization to bypass an organization ruleset. An attacker would require access to a valid deploy key for a repository in...
4
CVSSv2
CVE-2021-22862
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed th...
Github Github 3.0.0
6.5
CVSSv2
CVE-2019-19937
In JFrog Artifactory prior to 6.18, it is not possible to restrict either system or repository imports by any admin user in the enterprise, which can lead to "undesirable results."
Jfrog Artifactory
4
CVSSv2
CVE-2018-16048
An issue exists in GitLab Community and Enterprise Edition prior to 11.0.6, 11.1.x prior to 11.1.5, and 11.2.x prior to 11.2.2. There is Missing Authorization Control for API Repository Storage.
Gitlab Gitlab
6.5
CVSSv2
CVE-2021-41154
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker with read access to a "SVN core" repository could execute arbitrary SQL queries. The following versions contain the fix: Tuleap Co...
Enalean Tuleap
NA
CVE-2018-17537
An issue exists in GitLab Community and Enterprise Edition prior to 11.1.7, 11.2.x prior to 11.2.4, and 11.3.x prior to 11.3.1. blog-viewer has stored XSS during repository browsing, if package.json exists. .
Gitlab Gitlab
Gitlab Gitlab 11.3.0
6.5
CVSSv2
CVE-2019-12430
An issue exists in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection.
Gitlab Gitlab 11.11.0
5
CVSSv2
CVE-2019-15731
An issue exists in GitLab Community and Enterprise Edition 12.0 up to and including 12.2.1. Non-members were able to comment on merge requests despite the repository being set to allow only project members to do so.
Gitlab Gitlab
NA
CVE-2024-1908
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an malicious user to use the Enterprise Actions GitHub Connect download token to fetch private repository data. An attacker would require an account on the server instance with ...
4
CVSSv2
CVE-2021-27604
In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, SAP recommends to refer this note.
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.20
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »