Filter
-Infinity
0
Trending
GitHub EnterpriseMarkdown math block sanitization bypass allows privilege escalation and unauthorized workflow triggers
8.6
EPSS
0.05%
First published (updated )
GitHub EnterprisePre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server that allowing Privilege Escalation
7.1
EPSS
0.36%
First published (updated )
GitHub EnterpriseMissing Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized access to private repository names
5.3
First published (updated )
BleepingComputerGitHub Action supply chain attack exposed secrets in 218 repos
First published (updated )
News
BleepingComputertj-action/changed-files GitHub action was compromised
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
tj-action/changed-files GitHub action was compromised
First published (updated )
GitHub`gh attestation verify` returns incorrect exit code during verification if no attestations are present
6.3
EPSS
0.04%
First published (updated )
Dark ReadingNew Jailbreaks Allow Users to Manipulate GitHub Copilot
First published (updated )
News
Dark ReadingGitHub EnterpriseCode Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Message Handling
7.1
First published (updated )
BleepingComputerClone2Leak attacks exploit Git flaws to steal credentials
First published (updated )
News
BleepingComputerNever miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CodeQLCodeQL GitHub Action failed workflow writes GitHub PAT to debug artifacts
7.1
EPSS
0.04%
First published (updated )
GitHub EnterpriseImproper Verification of Cryptographic Signature in GitHub Enterprise Server Allows Signature Spoofing by Improper Validation
7.6
EPSS
0.04%
First published (updated )
GitHub DesktopMaliciously crafted remote URLs could lead to credential leak in GitHub Desktop
6.6
EPSS
0.04%
First published (updated )
go/github.com/cli/cliConnecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer
9.6
First published (updated )
GitHub EnterprisePrivilege Management vulnerability was identified in GitHub Enterprise Server that allowed GitHub Apps to grant themselves write access
8.7
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GitHub EnterpriseAuthorization Bypass Vulnerability was Identified in GitHub Enterprise Server that Allowed Unauthorized Internal Users to Access Secret Scanning Alert Data
First published (updated )
GitHub EnterprisePre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation
8.7
First published (updated )
GitHub EnterpriseAn Improper Verification of Cryptographic Signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed when the encrypted assertions feature was enabled
9.5
EPSS
0.83%
First published (updated )
GitHub EnterpriseAn improper privilege management vulnerability allowed arbitrary workflows to be committed using an …
6.2
EPSS
0.06%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GitHub ActionsArbitrary File Write via artifact extraction in actions/artifact
First published (updated )
GitHub EnterpriseAn XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SA…
9.8
EPSS
0.04%
First published (updated )
GitHub EnterpriseIncorrect Authorization allows read access to issues in GitHub Enterprise Server
6.5
EPSS
0.04%
First published (updated )
GitHub EnterpriseAn Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an att…
5.3
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GitHub EnterpriseGitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy Keys
6.3
EPSS
0.04%
First published (updated )
GitHub EnterpriseSecurity misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure
6.9
EPSS
0.04%
First published (updated )
GitHub EnterpriseImproper authorization allows read access to issue content in GitHub Enterprise Server
6.5
EPSS
0.04%
First published (updated )
GitHub EnterpriseImproper authorization allows persistent access in GitHub Enterprise Server
6.9
EPSS
0.04%
First published (updated )
GitHub EnterpriseCross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository
6.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.