Vulnerabilities in github
139 resultsCVE-2025-11578HIGHPre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege EscalationEPSS 0.6%CVE-2022-46257—Information disclosure in GitHub Enterprise Server leading to unauthorized viewing of private repository namesEPSS 0.6%CVE-2022-46258MEDIUMIncorrect Authorization in GitHub Enterprise Server leads to Action Workflow modifications without Workflow ScopeEPSS 0.6%CVE-2024-5795HIGHDenial of Service vulnerability was identified in GitHub Enterprise Server that allowed resource exhaustionEPSS 0.6%CVE-2025-11892HIGHDOM-based Cross-Site Scripting was identified in GitHub Enterprise Server Issues search allows privilege escalation and unauthorized workflow triggersEPSS 0.6%CVE-2023-23763MEDIUMInformation disclosure in GitHub Enterprise Server leading to private repository leakageEPSS 0.5%CVE-2023-46646MEDIUMImproper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get EPSS 0.5%CVE-2024-5817MEDIUMImproper authorization allows read access to issue content in GitHub Enterprise ServerEPSS 0.5%CVE-2023-6746HIGHSensitive Information in Log File in GitHub Enterprise Server EPSS 0.5%CVE-2024-5816MEDIUMImproper authorization allows persistent access in GitHub Enterprise ServerEPSS 0.5%CVE-2024-7711MEDIUMAn Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, anEPSS 0.5%CVE-2024-6395MEDIUMGitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy KeysEPSS 0.5%CVE-2023-23765MEDIUMIncorrect comparison vulnerability in GitHub Enterprise Server leading to commit smugglingEPSS 0.5%CVE-2022-23733—Stored XSS vulnerability in GitHub Enterprise Server leading to injection of arbitrary attributesEPSS 0.5%CVE-2024-5566MEDIUMImproper Privilege Management allows for access to unauthorized repository content during migrationEPSS 0.5%CVE-2024-1084MEDIUMCross-site Scripting in the tag name pattern field in the tag protections UI in GitHub Enterprise Server allows a malicious website that reqEPSS 0.5%CVE-2023-23764MEDIUMIncorrect comparison vulnerability in GitHub Enterprise Server leading to commit smugglingEPSS 0.5%CVE-2023-51380LOWIncorrect Authorization allows Read Access to Issue Comments in GitHub Enterprise ServerEPSS 0.5%CVE-2023-23761HIGHImproper authentication vulnerability in GitHub Enterprise Server leading to modification of secret gistsEPSS 0.5%CVE-2024-2440MEDIUMRace Condition was identified in GitHub Enterprise Server that allowed maintaining admin permissionsEPSS 0.5%