930 matches found
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
GitHub Enterprise Server Path Traversal Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
PT-2024-17984 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.12 GitHub Enterprise Server version 3.11.5 GitHub Enterprise Server version 3.10.7 GitHub Enterprise Server version 3.9.10 GitHub Enterprise Server version 3.8.15 Description: A command injection...
GitHub Enterprise Server Cross-Site Scripting Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
PT-2024-9876 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.12 GitHub Enterprise Server versions 3.8.0 through 3.8.14 GitHub Enterprise Server versions 3.9.0 through 3.9.9 GitHub Enterprise Server versions 3.10.0 through 3.10.6 GitHub Enterprise Server...
PT-2024-17990 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.12 GitHub Enterprise Server version 3.11.5 GitHub Enterprise Server version 3.10.7 GitHub Enterprise Server version 3.9.10 GitHub Enterprise Server version 3.8.15 Description: A command injection...
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
PT-2024-17967 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.12 Description: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the...
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
GitHub Enterprise Server Command Injection Vulnerability
GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...
GitHub: RC Between GitHub's Repo Update REST API and updateTeamsRepository GraphQL Mutation Results in Covert and Persistent Admin Access Retention
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repository is detached. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13...
GitHub: Privilege Escalation to Root SSH Access via Pre-Receive Hook Environment in GitHub Enterprise Server
An attacker with an Administrator role in GitHub Enterprise Server could gain SSH root access via remote code execution. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.17, 3.9.12, 3.10.9, 3.11.7 and 3.12.1. This vulnerability was reported...
GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via nomad template injection
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. This vulnerability affected all versions of GitHub...
The vulnerability of the Management Console in the corporate version of GitHub Enterprise Server allows a perpetrator to execute arbitrary commands and increase their privileges.
The vulnerability of the Management Console in the corporate version of GitHub Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands and increase their privileges...
The vulnerability of the corporate version of the GitHub Enterprise Server, related to the use of external management input for class selection, allows a perpetrator to execute arbitrary code.
The vulnerability of the corporate version of the GitHub Enterprise Server is related to the use of external management input data for class selection. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in collectd
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. This vulnerability affected all version...
GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in actions-console
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. The vulnerability affected all versio...