930 matches found
CVE-2025-11578 Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation
A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...
CVE-2025-11578 Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation
A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...
CVE-2025-11578
CVE-2025-11578 is a privilege-escalation vulnerability in GitHub Enterprise Server. An authenticated Enterprise admin could abuse a symlink escape in pre-receive hook environments to replace system binaries during hook cleanup and inject their SSH key into root’s authorized_keys, enabling root SS...
CVE-2025-11892 DOM-based Cross-Site Scripting was identified in GitHub Enterprise Server Issues search allows privilege escalation and unauthorized workflow triggers
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have...
CVE-2025-11892
GitHub Enterprise Server is affected by CVE-2025-11892: an improper neutralization of input leads to DOM-based cross-site scripting via the Issues search label filter, enabling privilege escalation and unauthorized workflow triggers. Exploitation requires user interaction and access to a target s...
CVE-2025-11892 DOM-based Cross-Site Scripting was identified in GitHub Enterprise Server Issues search allows privilege escalation and unauthorized workflow triggers
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have...
PT-2025-46218
Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.18.1 GitHub Enterprise Server versions prior to 3.17.7 GitHub Enterprise Server versions prior to 3.16.10 GitHub Enterprise Server versions prior to 3.15.14 GitHub Enterprise Server versions prior t...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability in GitHub Enterprise Server versions prior t...
VulnCheck KEV: CVE-2017-18365
The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...
PT-2025-46217
Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.19 GitHub Enterprise Server versions 3.14.19 GitHub Enterprise Server versions 3.15.14 GitHub Enterprise Server versions 3.16.10 GitHub Enterprise Server versions 3.17.7 GitHub Enterprise Server...
EUVD-2021-10000
Malware in sbrugna...
EUVD-2021-10005
Malware in sbrugna...
EUVD-2020-2969
Malware in sbrugna...
EUVD-2020-2971
Malware in sbrugna...
EUVD-2021-24415
Malware in sbrugna...
EUVD-2021-10001
Malware in sbrugna...
EUVD-2021-10002
Malware in sbrugna...
EUVD-2021-10003
Malware in sbrugna...
EUVD-2021-10004
Malware in sbrugna...