Vulmon
github enterprise server vulnerabilities and exploits
6.5
CVSSv3
CVE-2023-23765
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was...
Github Enterprise Server 3.9.0
Github Enterprise Server
6.5
CVSSv3
CVE-2023-0056
An uncontrolled resource consumption vulnerability exists in HAProxy which could crash the service. This issue could allow an authenticated remote malicious user to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
Haproxy Haproxy -
Redhat Software Collections -
Redhat Ceph Storage 5.0
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Ibm Linuxone 4.12
Redhat Openshift Container Platform For Power 4.12
Redhat Openshift Container Platform Ibm Z Systems 4.12
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform For Ibm Linuxone 4.10
Redhat Openshift Container Platform For Power 4.10
Redhat Openshift Container Platform Ibm Z Systems 4.10
Redhat Openshift Container Platform For Ibm Linuxone 4.11
Redhat Openshift Container Platform For Power 4.11
Redhat Openshift Container Platform Ibm Z Systems 4.11
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2023-22380
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Serve...
Github Enterprise Server
6.5
CVSSv3
CVE-2022-46258
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a repository-scoped token with read/write access to modify Action Workflow files without a Workflow scope. The Create or Update file contents API should enforce workflow scope. This v...
Github Enterprise Server
6.5
CVSSv3
CVE-2022-23737
An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API. To exploit this vulnerability, an attacker would need to be added to an organization's repo with write...
Github Enterprise Server
6.5
CVSSv3
CVE-2021-22870
A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow a malicious user to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterpr...
Github Enterprise Server
6.5
CVSSv3
CVE-2021-22867
A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterp...
Github Enterprise Server
6.5
CVSSv3
CVE-2021-22865
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated from a GitHub App's web authentication flow to read private repository metadata via the REST API without having been granted the appropriate permissions. ...
Github Enterprise Server
6.5
CVSSv3
CVE-2021-22861
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able t...
Github Github
6.5
CVSSv3
CVE-2021-22862
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed th...
Github Github 3.0.0