Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github github enterprise vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-23763
An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterpris...
Github Enterprise Server
8.8
CVSSv3
CVE-2020-10519
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execut...
Github Github
8.8
CVSSv3
CVE-2020-10518
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execut...
Github Github
2 Github repositories
6.3
CVSSv3
CVE-2017-1000091
GitHub Branch Source Plugin connects to a user-specified GitHub API URL (e.g. GitHub Enterprise) as part of form validation and completion (e.g. to verify Scan Credentials are correct). This functionality improperly checked permissions, allowing any user with Overall/Read access ...
Jenkins Github Branch Source 1.1
Jenkins Github Branch Source 1.2
Jenkins Github Branch Source 1.3
Jenkins Github Branch Source 1.4
Jenkins Github Branch Source 0.1
Jenkins Github Branch Source 1.0
Jenkins Github Branch Source 1.6
Jenkins Github Branch Source 2.0.0
Jenkins Github Branch Source 2.0.1
Jenkins Github Branch Source 2.0.2
Jenkins Github Branch Source 2.0.4
Jenkins Github Branch Source 2.2.0
Jenkins Github Branch Source 1.8
Jenkins Github Branch Source 1.8.1
Jenkins Github Branch Source 1.9
Jenkins Github Branch Source 1.10
Jenkins Github Branch Source 2.0.5
Jenkins Github Branch Source 2.0.6
Jenkins Github Branch Source 2.0.7
Jenkins Github Branch Source 1.5
Jenkins Github Branch Source 1.7
Jenkins Github Branch Source 2.0.3
9.8
CVSSv3
CVE-2020-10516
An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterpri...
Github Github
4.3
CVSSv3
CVE-2020-10517
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any ...
Github Github
6.5
CVSSv3
CVE-2021-22861
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able t...
Github Github
7.5
CVSSv3
CVE-2012-2055
GitHub Enterprise prior to 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote malicious users to set the public_key[user_id] value via a modified URL for the public-key update form, related to a "mass as...
Github Github
8.1
CVSSv3
CVE-2021-22863
An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability,...
Github Github
9.8
CVSSv3
CVE-2022-46255
An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary...
Github Enterprise Server 3.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »