Vulnerabilities in GitHub
139 results

| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2022-23734 | HIGH | Deserialization of Untrusted Data vulnerability in GitHub Enterprise Server leading to Remote Code Execution | 1.9% |
| CVE-2024-3646 | HIGH | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | 1.7% |
| CVE-2024-1354 | HIGH | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | 1.7% |
| CVE-2022-23732 | — | Path traversal in GitHub Enterprise Server management console leading to a bypass of CSRF protections | 1.7% |
| CVE-2021-37700 | MEDIUM | Clipboard-based DOM-XSS | 1.7% |
| CVE-2024-2469 | HIGH | Remote Code Execution in GitHub Enterprise Server Allowed Administrators to gain SSH access to the appliance | 1.6% |
| CVE-2020-10516 | — | Improper access control in GitHub Enterprise Server leading to privilege escalation of organization member | 1.6% |
| CVE-2022-39209 | HIGH | Uncontrolled Resource Consumption in cmark-gfm | 1.6% |
| CVE-2020-5238 | MEDIUM | Denial of service in table parsing in cmark-gfm | 1.6% |
| CVE-2025-23369 | HIGH | Improper Verification of Cryptographic Signature in GitHub Enterprise Server Allows Signature Spoofing by Improper Validation | 1.6% |
| CVE-2024-6800 | CRITICAL | An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identity | 1.5% |
| CVE-2022-46255 | CRITICAL | Improper Limitation of a Pathname to a Restricted Directory in GitHub Enterprise Server leading to RCE | 1.4% |
| CVE-2021-22865 | — | Improper access control in GitHub Enterprise Server leading to unauthorized read access to private repository metadata | 1.3% |
| CVE-2022-23739 | CRITICAL | Incorrect authorization check in GitHub Enterprise Server leading to escalation of privileges in GraphQL API requests from GitHub Apps using scoped user-to-server tokens | 1.2% |
| CVE-2025-3509 | HIGH | Pre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation | 1.2% |
| CVE-2021-22867 | — | Unsafe configuration options in GitHub Pages leading to path traversal on GitHub Enterprise Server | 1.2% |
| CVE-2021-22869 | — | Improper access control in GitHub Enterprise Server allows self-hosted runners to execute outside their control group | 1.2% |
| CVE-2021-41598 | — | UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user | 1.2% |
| CVE-2023-22486 | LOW | cmark-gfm Quadratic complexity bug in handle_close_bracket may lead to a denial of service | 1.1% |
| CVE-2022-23740 | HIGH | Improper Neutralization of Argument Delimiters in a Command in GitHub Enterprise Server leading to Remote Code Execution | 1.1% |