29584 matches found
CVE-2025-13744
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...
GHSA-36HM-QXXP-PG3M
creationtimestamp| type| source
---|---|---
2026-01-08 01:59:08+00:00| seen| https://bsky.app/profile/azu.bsky.social/post/3mbuv2h3plo2x
2026-01-08 16:03:29+00:00| seen| Telegram/eK7Ikx8B4zhc3RXJcMY-EZtQzuwPO0YG4YMu0LZCUnsVEJo
2026-01-24 21:26:46+00:00| seen|...
GHSA-7VHP-VF5G-R2FW
creationtimestamp| type| source
---|---|---
2026-01-07 23:09:29+00:00| seen| Telegram/FpDGAESLT2b6cAqL19jI0amMTjRd3R14Wu3P5pTmHCNxdqI...
GHSA-9C23-RRG9-JC89
creationtimestamp| type| source
---|---|---
2026-01-07 20:04:29+00:00| published-proof-of-concept| Telegram/dVBBzDLnAvxAWJ1LkZD-2V6hkrnURxr4dyAmSZABM3KGIM...
CVE-2025-14130
creationtimestamp| type| source
---|---|---
2026-01-07 11:20:24+00:00| seen| https://gist.github.com/Darkcrai86/1429d39b1b31ecbc858a20f43aa8c198...
CVE-2025-14144
creationtimestamp| type| source
---|---|---
2026-01-07 11:17:20+00:00| seen| https://gist.github.com/Darkcrai86/fdc545fc7919ec5fb838ab2ccd12d0e5...
CVE-2019-15823
creationtimestamp| type| source
---|---|---
2026-01-07 10:48:00+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-15823.yaml
2026-01-08 21:03:11+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mbwuxxqv5h2t...
CVE-2025-14147 Easy GitHub Gist Shortcodes <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute
The Easy GitHub Gist Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the gist shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2024-2748
A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerability affected GitHub Enterprise Server 3.12.0 a...
CVE-2024-2440
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repository is detached. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13...
CVE-2025-61916
Spinnaker is an open source, multi-cloud continuous delivery platform. Versions prior to 2025.1.6, 2025.2.3, and 2025.3.0 are vulnerable to server-side request forgery. The primary impact is allowing users to fetch data from a remote URL. This data can be then injected into spinnaker pipelines vi...
CVE-2024-2469
An attacker with an Administrator role in GitHub Enterprise Server could gain SSH root access via remote code execution. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.17, 3.9.12, 3.10.9, 3.11.7 and 3.12.1. This vulnerability was reported...
CVE-2024-2443
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring GeoJSON settings. Exploitation of this vulnerability required access to the GitHub...
GHSA-F46Q-GMG5-36HM vulnerabilities
Vulnerabilities for packages: vitess...
GHSA-QPXX-2FWX-F5QJ vulnerabilities
Vulnerabilities for packages: pgbouncer...
GHSA-C6CM-5GC7-C3F4 vulnerabilities
Vulnerabilities for packages: keycloak...
GHSA-3MGP-FX93-9XV5 vulnerabilities
Vulnerabilities for packages: grafana...
GHSA-64X6-Q8PQ-XJMG vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-F7VH-QWP3-X37M vulnerabilities
Vulnerabilities for packages: druid...
GHSA-G23H-7VF9-XC25 vulnerabilities
Vulnerabilities for packages: difftastic...