Vulnerabilidades em github
139 resultadosCVE-2026-5512MEDIUMImproper authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository names via mobile upload policy APIEPSS 0.3%CVE-2025-8447HIGHIncorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed read-only accessEPSS 0.3%CVE-2025-3246HIGHMarkdown math block sanitization bypass allows privilege escalation and unauthorized workflow triggersEPSS 0.3%CVE-2025-6600MEDIUMGitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Search APIEPSS 0.3%CVE-2026-3307MEDIUMAuthorization bypass in GitHub Enterprise Server secret scanning push protection allows cross-repository modification of delegated bypass reviewersEPSS 0.3%CVE-2026-6736MEDIUMAuthentication bypass vulnerability in GitHub Enterprise Server allowed creation of local user accounts bypassing the configured external identity providerEPSS 0.3%CVE-2025-6981MEDIUMIncorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized read-only accessEPSS 0.3%CVE-2024-5815MEDIUMCross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repositoryEPSS 0.3%CVE-2026-3582MEDIUMIncorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scopeEPSS 0.2%CVE-2018-25188HIGHWebiness Inventory 2.3 SQL Injection via WsModelGrid.phpEPSS 0.2%CVE-2026-1999HIGHIncorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requestsEPSS 0.2%CVE-2026-5845HIGHImproper authorization fallback allows scoped user-to-server token installation escape in GitHub Enterprise ServerEPSS 0.2%CVE-2023-6804MEDIUMImproper Privilege Management allows for arbitrary workflows to be runEPSS 0.2%CVE-2024-2748MEDIUMCSRF vulnerability was identified in GitHub Enterprise Server that allowed performing actions on behalf of a userEPSS 0.2%CVE-2025-13744HIGHImproper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed rendering of malicious HTMLEPSS 0.2%CVE-2026-2266HIGHImproper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting via task list content and enabled arbitrary HTML injectionEPSS 0.2%CVE-2023-46649MEDIUMRace Condition allows Administrative Access on Organization RepositoriesEPSS 0.2%CVE-2023-6803MEDIUMRace Condition allows Unauthorized Outside CollaboratorEPSS 0.2%CVE-2026-8106MEDIUMReflected HTML injection vulnerability in GitHub Enterprise Server Management Console login page allowed credential theftEPSS 0.2%