EUVD-2024-32056

Malicious code in bioql PyPI...

EUVD-2024-47449

Malicious code in bioql PyPI...

CVE-2024-6336 Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a depende...

CVE-2024-6336 Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. This attack required an organization member to explicitly change the visibility of a depende...

CVE-2024-6336

CVE-2024-6336 describes a security misconfiguration in GitHub Enterprise Server where sensitive information could be disclosed to unauthorized users by exploiting the organization ruleset feature. An organization member could change the visibility of a dependent repository from private to public,...

PT-2024-37549 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.14 Description: A Security Misconfiguration issue in GitHub Enterprise Server allowed unauthorized users to access sensitive information by exploiting the organization ruleset feature. This require...

CVE-2024-3470

An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use a deploy key pertaining to an organization to bypass an organization ruleset. An attacker would require access to a valid deploy key for a repository in the organization as we...

CVE-2024-3470 Repository administrator can bypass organization's ruleset using deploy keys

An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use a deploy key pertaining to an organization to bypass an organization ruleset. An attacker would require access to a valid deploy key for a repository in the organization as we...

PT-2024-26117 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.11 through 3.12 Description: An Improper Privilege Management issue was identified in GitHub Enterprise Server, allowing an attacker to bypass an organization ruleset using a deploy key. The attacker would...