
930 matches found

CNNVD
added 2024/11/07 12:0 a.m. · 3 views

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server, which...

CVSS 6.5 · AI score 6.4 · EPSS 0.00052
Exploits 0 · References 2
Positive Technologies
added 2024/11/07 12:0 a.m. · 3 views

PT-2024-7926 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.13.0 through 3.13.1; GitHub Enterprise Server versions prior to 3.13.2. Description: The issue is related to an authorization bypass vulnerability in GitHub Enterprise Server, allowing unauthorized internal...

CVSS 6.8 · AI score 7 · EPSS 0.00052
Exploits 0 · References 11
BDU FSTEC
added 2024/10/25 12:0 a.m. · 1 views

The vulnerability of the corporate version of the GitHub Enterprise Server, related to insufficient protection of service data, allows attackers to carry out phishing attacks.

The vulnerability of the corporate version of the GitHub Enterprise Server is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor to carry out phishing attacks using malicious SVG files and URL links...

CVSS 4.9 · AI score 5.8 · EPSS 0.00597
Exploits 0 · References 6 · Affected Software 1
BDU FSTEC
added 2024/10/18 12:0 a.m. · 1 views

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server allows attackers to escalate their privileges and disclose sensitive information.

The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to increase their privileges and disclose sensitive...

CVSS 8.5 · AI score 8 · EPSS 0.50689
Exploits 0 · References 5 · Affected Software 1
OSV
added 2024/10/11 6:15 p.m. · 3 views

CVE-2024-9539

An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the URL and further exploit it to create a convincing phishing page. This required the attacker to uplo...

CVSS 4.3 · AI score 6.1 · EPSS 0.00597
Exploits 0 · References 4
NVD
added 2024/10/11 6:15 p.m. · 31 views

CVE-2024-9539

An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the URL and further exploit it to create a convincing phishing page. This required the attacker to uplo...

CVSS 5.7 · EPSS 0.00597
Exploits 0 · References 4
CNNVD
added 2024/10/11 12:0 a.m. · 2 views

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions...

CVSS 5.7 · AI score 6.4 · EPSS 0.00597
Exploits 0 · References 5
NVD
added 2024/10/10 10:15 p.m. · 23 views

CVE-2024-9487

An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be...

CVSS 9.5 · EPSS 0.50689
Exploits 0 · References 4
OSV
added 2024/10/10 10:15 p.m. · 2 views

CVE-2024-9487

An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be...

CVSS 9.1 · AI score 7.5
Exploits 0 · References 4
CNNVD
added 2024/10/10 12:0 a.m. · 1 views

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...

CVSS 9.5 · AI score 9.1 · EPSS 0.50689
Exploits 0 · References 5
Tenable Nessus
added 2024/10/03 12:0 a.m. · 12 views

GitHub Enterprise 3.11.x < 3.11.14 / 3.12.x < 3.12.8 / 3.13.x < 3.13.3 (ghsa_w49g_9f3f_c384)

The version of GitHub Enterprise installed on the remote host is prior to 3.11.14, 3.12.8, or 3.13.3. It is, therefore, affected by a vulnerability as referenced in the ghsa_w49g_9f3f_c384 advisory. - An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an...

CVSS 5.3 · AI score 6 · EPSS 0.00276
Exploits 0 · References 5
Tenable Nessus
added 2024/10/03 12:0 a.m. · 12 views

GitHub Enterprise 3.10.x < 3.10.6 / 3.11.x < 3.11.14 / 3.12.x < 3.12.8 / 3.13.x < 3.13.3 (ghsa_75w9_x6cm_hvwg)

The version of GitHub Enterprise installed on the remote host is prior to 3.10.6, 3.11.14, 3.12.8, or 3.13.3. It is, therefore, affected by a vulnerability as referenced in the ghsa_75w9_x6cm_hvwg advisory. - An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that...

CVSS 6.5 · AI score 6 · EPSS 0.00296
Exploits 0 · References 6
Tenable Nessus
added 2024/10/03 12:0 a.m. · 17 views

GitHub Enterprise 3.10.x < 3.10.16 / 3.11.x < 3.11.14 / 3.12.x < 3.12.8 / 3.13.x < 3.13.3 (ghsa_5wm9_5344_qrrj)

The version of GitHub Enterprise installed on the remote host is prior to 3.10.16, 3.11.14, 3.12.8, or 3.13.3. It is, therefore, affected by a vulnerability as referenced in the ghsa_5wm9_5344_qrrj advisory. - An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when...

CVSS 9.8 · AI score 6.1 · EPSS 0.03012
Exploits 0 · References 6
NVD
added 2024/09/23 9:15 p.m. · 12 views

CVE-2024-8770

A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social engineering. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version...

CVSS 6.1 · EPSS 0.0043
Exploits 0 · References 5
OSV
added 2024/09/23 9:15 p.m. · 2 views

CVE-2024-8770

A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social engineering. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 5
OSV
added 2024/09/23 9:15 p.m. · 2 views

CVE-2024-8263

An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. Thi...

CVSS 2.7 · AI score 5.8 · EPSS 0.00113
Exploits 0 · References 5
CVE
added 2024/09/23 8:9 p.m. · 48 views

CVE-2024-8770

CVE-2024-8770 describes a Cross-Site Scripting (XSS) vulnerability in the repository transfer feature of GitHub Enterprise Server. The issue affected all versions prior to the fixed releases and allowed attackers to steal sensitive user information via social engineering. Fixes were released in G...

CVSS 6.1 · AI score 5.7 · EPSS 0.0043
Exploits 0 · References 5 · Affected Software 1
Vulnrichment
added 2024/09/23 8:9 p.m. · 15 views

CVE-2024-8770

A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social engineering. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version...

CVSS 5.8 · AI score 5.6 · EPSS 0.0043
Exploits 0 · References 5
CNNVD
added 2024/09/23 12:0 a.m. · 2 views

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...

CVSS 6.1 · AI score 5.9 · EPSS 0.0043
Exploits 0 · References 6
Positive Technologies
added 2024/09/23 12:0 a.m. · 2 views

PT-2024-39238 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.10.17; GitHub Enterprise Server versions prior to 3.11.15; GitHub Enterprise Server versions prior to 3.12.9; GitHub Enterprise Server versions prior to 3.13.4; GitHub Enterprise Server versions prior ...

CVSS 6.1 · AI score 6 · EPSS 0.0043
Exploits 0 · References 12