Lucene search
+L

20 matches found

nvd
nvd
added 2026/06/17 5:16 p.m.14 views

CVE-2026-12515

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

4.3CVSS0.00197EPSS
Exploits0References3
cve
cve
added 2026/06/17 3:34 p.m.16 views

CVE-2026-12515

The CVE concerns Katello within Red Hat Satellite where content uploads lack proper authorization checks in the ContentUploadsController. The issue allows users with the edit_products permission to query whether specific content exists in repositories outside their authorized products, revealing ...

4.3CVSS5.4AI score0.00197EPSS
Exploits0References3
euvd
euvd
added 2026/06/17 3:34 p.m.11 views

EUVD-2026-37746

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/17 3:29 p.m.10 views

CVE-2026-12515

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.18 views

PT-2026-50457

Name of the Vulnerable Software and Affected Versions Katello of Red Hat Satellite affected versions not specified Description Insufficient authorization checks in the ContentUploadsController within the content upload functionality allow authenticated users with the edit products permission to...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References11
redhatcve
redhatcve
added 2026/01/09 9:52 a.m.5 views

CVE-2020-10516

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

9.8CVSS7.2AI score0.01591EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/11/11 1:44 p.m.7 views

CVE-2025-64688

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget...

7.4CVSS6.8AI score0.0001EPSS
Exploits0References1
cvelist
cvelist
added 2025/11/10 1:27 p.m.13 views

CVE-2025-64688

...

0.0001EPSS
Exploits0
cve
cve
added 2025/11/10 1:27 p.m.15 views

CVE-2025-64688

CVE-2025-64688 is rejected/not used per the initial description.

6.4AI score0.0001EPSS
Exploits0
vulnrichment
vulnrichment
added 2025/11/10 1:27 p.m.10 views

CVE-2025-64688

...

6.3AI score0.0001EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/22 8:47 p.m.8 views

CVE-2021-22861

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the target...

6.5CVSS6.8AI score0.00919EPSS
Exploits0References1
osv
osv
added 2021/03/03 4:15 a.m.5 views

CVE-2021-22861

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the target...

6.5CVSS6.6AI score0.00919EPSS
Exploits0References4
prion
prion
added 2021/03/03 4:15 a.m.26 views

Improper access control

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the target...

4CVSS6.5AI score0.00919EPSS
Exploits0References4Affected Software1
cve
cve
added 2021/03/03 3:25 a.m.111 views

CVE-2021-22861

GitHub Enterprise Server vulnerability CVE-2021-22861: An improper access control issue allowed authenticated users to write to unauthorized repositories via crafted pull requests and REST API calls. Affected versions include ranges listed in PT-2021-15234: 2.4.21–2.20.23, 2.21.0–2.21.14, 2.22.0–...

6.5CVSS6.5AI score0.00919EPSS
Exploits0References4Affected Software1
cnnvd
cnnvd
added 2021/03/03 12:0 a.m.5 views

GitHub Enterprise Server 安全漏洞

GitHub is a suite of hosting platforms for open source and private software projects. A security vulnerability exists in GitHub Enterprise Server that allows instances of authenticated users to gain write access to unauthorized repositories via specially designed pull requests and REST API...

6.5CVSS6.5AI score0.00919EPSS
Exploits0References4
osv
osv
added 2020/06/03 2:15 p.m.5 views

CVE-2020-10516

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

9.8CVSS7.3AI score0.01591EPSS
Exploits0References3
nvd
nvd
added 2020/06/03 2:15 p.m.23 views

CVE-2020-10516

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

9.8CVSS9.6AI score0.01591EPSS
Exploits0References3
prion
prion
added 2020/06/03 2:15 p.m.20 views

Improper access control

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior t...

7.5CVSS9.5AI score0.01591EPSS
Exploits0References3Affected Software1
cve
cve
added 2020/06/03 1:31 p.m.49 views

CVE-2020-10516

GitHub Enterprise Server (API) vulnerability: improper access control allowed an organization member to escalate permissions and access unauthorized repositories within an org. Affected all versions prior to 2.21; fixed in 2.20.9, 2.19.15, and 2.18.20. Exploitation status and in‑the‑wild details ...

9.8CVSS9.7AI score0.01591EPSS
Exploits0References3Affected Software1
hackerone
hackerone
added 2020/02/19 4:44 p.m.44 views

U.S. Dept Of Defense: Admin Login Credential Leak for DoD Gitlab EE instance

Summary A DoD employee/contractor exposed the ███ password in a GitHub repository █████████ leading to full ███ access in a DoD DISA-associated private Gitlab EE instance ███. Description The IP address ████ recently hosted the subdomain █████████ as of 2019-09-23. ██████ Now port 80 points to a...

7.8AI score
Exploits0
Rows per page
Query Builder