EUVD-2021-24415

Malware in sbrugna...

Enterprise Search 8.18.6, 8.19.3 Security Update (ESA-2025-15) (CVE-2025-54988)

Enterprise Search XML external entity XXE injection in Apache Tika ESA-2025-15 On August 20, 2025, CVE-2025-54988 in Apache Tika PDF parser module was announced, disclosing an XML External Entity injection flaw in the Apache Tika tika-parser-pdf-module. This vulnerability allows an attacker to...

CVE-2021-37940

An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Using this vulnerability, a malicious Workplace Search admin could use the GHES integration to view hosts that might not be publicly...

CVE-2021-37940

An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Using this vulnerability, a malicious Workplace Search admin could use the GHES integration to view hosts that might not be publicly...

CVE-2021-37940

An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Using this vulnerability, a malicious Workplace Search admin could use the GHES integration to view hosts that might not be publicly...

Server side request forgery (ssrf)

An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Using this vulnerability, a malicious Workplace Search admin could use the GHES integration to view hosts that might not be publicly...

CVE-2021-37940

An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Using this vulnerability, a malicious Workplace Search admin could use the GHES integration to view hosts that might not be publicly...

CVE-2021-37940

CVE-2021-37940 pertains to an information-disclosure via a GET-based server-side request forgery in the Workplace Search integration for GitHub Enterprise Server (GHES). The vulnerability allows a malicious GHES admin to leverage the Workplace Search GHES integration to view hosts that may not be...

Enterprise Search 7.16.0 Security Update

Enterprise Search Information Disclosure issue ESA-2021-28 An information disclosure via GET request server-side request forgery vulnerability was discovered with the Workplace Search Github Enterprise Server integration. Using this vulnerability, a malicious Workplace Search admin could use the...

GitHub Enterprise Server 代码问题漏洞

GitHub Enterprise Server is Github an open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in Workplace Search Github Enterprise Server. An attacker can...