CVE-2024-2443
- EPSS 2.09%
- Veröffentlicht 20.03.2024 23:15:07
- Zuletzt bearbeitet 04.09.2025 15:50:25
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring GeoJSON settings. Exploitation of this vuln...
CVE-2024-2469
- EPSS 1.62%
- Veröffentlicht 20.03.2024 23:15:07
- Zuletzt bearbeitet 04.09.2025 15:18:52
An attacker with an Administrator role in GitHub Enterprise Server could gain SSH root access via remote code execution. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.17, 3.9.12, 3.10.9, 3.1...
CVE-2024-1482
- EPSS 0.42%
- Veröffentlicht 14.02.2024 20:15:45
- Zuletzt bearbeitet 23.01.2025 19:53:54
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to create new branches in public repositories and run arbitrary GitHub Actions workflows with permissions from the GITHUB_TOKEN. To exploit t...
CVE-2024-1369
- EPSS 2.28%
- Veröffentlicht 13.02.2024 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:50:25
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configur...
CVE-2024-1372
- EPSS 2.28%
- Veröffentlicht 13.02.2024 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:50:26
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. Exploitation of this vulnera...
CVE-2024-1374
- EPSS 2.63%
- Veröffentlicht 13.02.2024 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:50:26
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. E...
CVE-2024-1378
- EPSS 2.34%
- Veröffentlicht 13.02.2024 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:50:26
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. Exploitat...
CVE-2024-1084
- EPSS 0.47%
- Veröffentlicht 13.02.2024 19:15:09
- Zuletzt bearbeitet 21.11.2024 08:49:45
Cross-site Scripting in the tag name pattern field in the tag protections UI in GitHub Enterprise Server allows a malicious website that requires user interaction and social engineering to make changes to a user account via CSP bypass with created CS...
- EPSS 1.72%
- Veröffentlicht 13.02.2024 19:15:09
- Zuletzt bearbeitet 21.11.2024 08:50:23
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the `syslog-ng` configuration file. Exploitation of this...
CVE-2024-1355
- EPSS 2.36%
- Veröffentlicht 13.02.2024 19:15:09
- Zuletzt bearbeitet 24.03.2025 20:15:17
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a ser...