Github

Enterprise Server

90 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-3470

  • EPSS 0.04%
  • Veröffentlicht 19.04.2024 15:15:51
  • Zuletzt bearbeitet 02.09.2025 19:12:13

An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use a deploy key pertaining to an organization to bypass an organization ruleset. An attacker would require access to a valid deploy...

6.5

CVE-2024-1908

  • EPSS 0.16%
  • Veröffentlicht 21.03.2024 02:51:48
  • Zuletzt bearbeitet 02.09.2025 13:46:35

An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use the Enterprise Actions GitHub Connect download token to fetch private repository data. An attacker would require an account on t...

4.3

CVE-2024-2748

  • EPSS 0.25%
  • Veröffentlicht 21.03.2024 00:15:09
  • Zuletzt bearbeitet 02.09.2025 14:07:47

A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerabi...

7.2

CVE-2024-2469

  • EPSS 0.9%
  • Veröffentlicht 20.03.2024 23:15:07
  • Zuletzt bearbeitet 04.09.2025 15:18:52

An attacker with an Administrator role in GitHub Enterprise Server could gain SSH root access via remote code execution. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.17, 3.9.12, 3.10.9, 3.1...

7.2

CVE-2024-2443

  • EPSS 0.27%
  • Veröffentlicht 20.03.2024 23:15:07
  • Zuletzt bearbeitet 04.09.2025 15:50:25

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring GeoJSON settings. Exploitation of this vuln...

6.5

CVE-2024-1482

  • EPSS 0.08%
  • Veröffentlicht 14.02.2024 20:15:45
  • Zuletzt bearbeitet 23.01.2025 19:53:54

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to create new branches in public repositories and run arbitrary GitHub Actions workflows with permissions from the GITHUB_TOKEN. To exploit t...

9.1

CVE-2024-1378

  • EPSS 1.13%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:26

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. Exploitat...

9.1

CVE-2024-1374

  • EPSS 2.8%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:26

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. E...

9.1

CVE-2024-1372

  • EPSS 0.49%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:26

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. Exploitation of this vulnera...

9.1

CVE-2024-1369

  • EPSS 0.58%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:25

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configur...