Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.13 views

CVE-2026-5512

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

5.3CVSS5.6AI score0.00296EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/22 12:31 a.m.5 views

EUVD-2026-24550

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

5.3CVSS5.8AI score0.00296EPSS
Exploits0References8
NVD
NVD
added 2026/04/21 11:16 p.m.5 views

CVE-2026-5512

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

5.3CVSS0.00296EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/21 10:12 p.m.36 views

CVE-2026-5512 Improper authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository names via mobile upload policy API

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

5.3CVSS0.00296EPSS
Exploits0References7
CVE
CVE
added 2026/04/21 10:12 p.m.21 views

CVE-2026-5512

CVE-2026-5512 describes an improper authorization vulnerability in GitHub Enterprise Server where an authenticated attacker could determine private repository names by numeric ID via the mobile upload policy API endpoint. The issue arises from a failure to perform an early authorization check and...

5.3CVSS5.8AI score0.00296EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.7 views

PT-2026-34211

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An improper authorization issue exists where an authenticated attacker can determine the names of private repositories using their numeric ID. This occurs because the mobile upload...

5.3CVSS5.8AI score0.00296EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.21 of GitHub Enterprise Server, there was a security...

5.3CVSS5.8AI score0.00296EPSS
Exploits0References1
Rows per page
Query Builder