Github

Enterprise Server

93 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2024-1374

  • EPSS 2.8%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:26

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. E...

9.1

CVE-2024-1372

  • EPSS 0.49%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:26

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. Exploitation of this vulnera...

9.1

CVE-2024-1369

  • EPSS 0.58%
  • Veröffentlicht 13.02.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:50:25

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configur...

6.1

CVE-2024-1084

  • EPSS 0.1%
  • Veröffentlicht 13.02.2024 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:49:45

Cross-site Scripting in the tag name pattern field in the tag protections UI in GitHub Enterprise Server allows a malicious website that requires user interaction and social engineering to make changes to a user account via CSP bypass with created CS...

9.1

CVE-2024-1359

  • EPSS 0.58%
  • Veröffentlicht 13.02.2024 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:50:24

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. Exploitation of this vulnerab...

9.1

CVE-2024-1355

  • EPSS 0.47%
  • Veröffentlicht 13.02.2024 19:15:09
  • Zuletzt bearbeitet 24.03.2025 20:15:17

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a ser...

8

CVE-2024-1354

  • EPSS 0.3%
  • Veröffentlicht 13.02.2024 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:50:23

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the `syslog-ng` configuration file. Exploitation of this...

6.5

CVE-2024-1082

  • EPSS 0.46%
  • Veröffentlicht 13.02.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:49:45

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying arbitrary symbolic links to a GitHub Pages site with a specially crafted artifact tarball. T...

8.8

CVE-2024-0507

  • EPSS 77.7%
  • Veröffentlicht 16.01.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:46:45

An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and ...

9.8

CVE-2024-0200

  • EPSS 74.5%
  • Veröffentlicht 16.01.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:46:03

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor ...