Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github enterprise server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-0200
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into a...
Github Enterprise Server
8.8
CVSSv3
CVE-2023-46647
Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affe...
Github Enterprise Server
7.5
CVSSv3
CVE-2023-46648
An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an malicious user to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pendi...
Github Enterprise Server
Github Enterprise Server 3.11.0
7
CVSSv3
CVE-2023-46649
A race condition in GitHub Enterprise Server was identified that could allow an attacker administrator access. To exploit this, an organization needs to be converted from a user. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in versi...
Github Enterprise Server
Github Enterprise Server 3.11.0
4.9
CVSSv3
CVE-2023-51379
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and iss...
Github Enterprise Server
Github Enterprise Server 3.11.0
4.3
CVSSv3
CVE-2023-51380
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9...
Github Enterprise Server
Github Enterprise Server 3.11.0
2
CVSSv3
CVE-2023-6690
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and abov...
Github Enterprise Server
Github Enterprise Server 3.11.0
5.7
CVSSv3
CVE-2023-6746
An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would...
Github Enterprise Server
Github Enterprise Server 3.11.0
6.5
CVSSv3
CVE-2023-6802
An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an malicious user to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterpri...
Github Enterprise Server
Github Enterprise Server 3.11.0
2 Github repositories
4
CVSSv3
CVE-2023-6803
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
Github Enterprise Server
Github Enterprise Server 3.11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »