930 matches found
EUVD-2024-46945
Malicious code in bioql PyPI...
EUVD-2025-11795
Malicious code in bioql PyPI...
EUVD-2022-28677
Malicious code in bioql PyPI...
EUVD-2022-49075
Malicious code in bioql PyPI...
EUVD-2022-28676
Malicious code in bioql PyPI...
EUVD-2021-9997
Malicious code in bioql PyPI...
CVE-2025-8447
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...
CVE-2025-8447
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...
CVE-2025-8447 Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed read-only access
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...
CVE-2025-8447
CVE-2025-8447 : GitHub Enterprise Server had an improper access-control issue enabling users with access to one repo to retrieve limited code from another repo by stacking a diff between repositories. An attacker needed the private-repo name and a branch/tag/commit SHA to trigger the compare/diff...
CVE-2025-8447 Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed read-only access
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...
PT-2025-34727
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.18 GitHub Enterprise Server versions 3.14.17 GitHub Enterprise Server versions 3.15.12 GitHub Enterprise Server versions 3.16.8 GitHub Enterprise Server versions 3.17.5 Description: An improper...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions...
Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
...
python3.11-django-ansible-base: Sensitive Authenticator Secrets Returned in Clear Text via API in AAP
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
CVE-2025-7738
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
CVE-2025-7738
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
CVE-2025-7738 Python3.11-django-ansible-base: sensitive authenticator secrets returned in clear text via api in aap
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
CVE-2025-7738
CVE-2025-7738 affects Red Hat Ansible Automation Platform (AAP) where the Gateway API exposes the client secret for certain GitHub Enterprise authenticators. The underlying issue is that sensitive authenticator secrets are returned in clear text via the API, with exposure limited to privileged us...
CVE-2025-6981
An incorrect authorization vulnerability allowed unauthorized read access to the contents of internal repositories for contractor accounts when the Contractors API feature was enabled. The Contractors API is a rarely-enabled feature in private preview. This vulnerability affected all versions of...