Vulnerabilities in github

139 results
| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2021-22862 | | Improper access control in GitHub Enterprise Server leading to the disclosure of Actions secrets to forks | 0.8% |
| CVE-2023-46645 | MEDIUM | Path traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages site | 0.8% |
| CVE-2024-25129 | LOW | Limited data exfiltration in CodeQL CLI | 0.8% |
| CVE-2024-1082 | MEDIUM | Path traversal vulnerability in GitHub Enterprise Server that allowed arbitrary file read with a specially crafted GitHub Pages artifact upload | 0.8% |
| CVE-2023-46648 | HIGH | Insufficient Entropy in GitHub Enterprise Server Management Console Invitation Token | 0.7% |
| CVE-2023-22485 | MEDIUM | cmark-gfm out-of-bounds read in validate_protocol | 0.7% |
| CVE-2023-6802 | HIGH | Sensitive Information in Log File in GitHub Enterprise Server | 0.7% |
| CVE-2024-6337 | MEDIUM | Incorrect Authorization allows read access to issues in GitHub Enterprise Server | 0.7% |
| CVE-2022-23737 | MEDIUM | Improper Privilege Management in GitHub Enterprise Server leading to page creation and deletion | 0.7% |
| CVE-2023-22380 | MEDIUM | Path traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages site | 0.7% |
| CVE-2026-0573 | HIGH | Improper Handling of HTTP Redirects vulnerability was identified in GitHub Enterprise Server that allowed leaking of authorization token and enabled remote code execution | 0.6% |
| CVE-2023-23762 | MEDIUM | Incorrect comparison vulnerability in GitHub Enterprise Server leading to commit smuggling | 0.6% |
| CVE-2023-46647 | HIGH | Improper Privilege Management in GitHub Enterprise Server management console leads to privilege escalation | 0.6% |
| CVE-2022-23738 | MEDIUM | Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files | 0.6% |
| CVE-2024-9539 | MEDIUM | An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to | 0.6% |
| CVE-2023-51379 | MEDIUM | Incorrect Authorization for Issue Comments in GitHub Enterprise Server | 0.6% |
| CVE-2024-1908 | MEDIUM | Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation | 0.6% |
| CVE-2023-37463 | MEDIUM | Quadratic complexity bugs may lead to a denial of service | 0.6% |
| CVE-2023-23766 | MEDIUM | Incorrect comparison vulnerability in GitHub Enterprise Server leading to commit smuggling | 0.6% |
| CVE-2024-3470 | MEDIUM | Repository administrator can bypass organization's ruleset using deploy keys | 0.6% |