GitHub — Vulnerabilities & Security Advisories 131

Browse all 131 CVE security advisories affecting GitHub. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Date |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2024-10007 | Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation | Enterprise Server | CWE-59 | 9.1 (AI) | Critical (AI) | 2024-11-07 |
| CVE-2024-9539 | GitHub Enterprise Server security vulnerability | GitHub Enterprise Server | CWE-200 | 4.3 (AI) | Medium (AI) | 2024-10-11 |
| CVE-2024-9487 | An Improper Verification of Cryptographic Signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed when the encrypted assertions feature was enabled | Enterprise Server | CWE-347 | 9.8 (AI) | Critical (AI) | 2024-10-10 |
| CVE-2024-8263 | GitHub Enterprise Server security vulnerability | GitHub Enterprise Server | CWE-269 | 9.1 (AI) | Critical (AI) | 2024-09-23 |
| CVE-2024-8770 | GitHub Enterprise Server security vulnerability | GitHub Enterprise Server | CWE-79 | 6.1 (AI) | Medium (AI) | 2024-09-23 |
| CVE-2024-6800 | GitHub Enterprise Server security vulnerability | GitHub Enterprise Server | CWE-347 | 9.8 (AI) | Critical (AI) | 2024-08-20 |
| CVE-2024-6337 | Incorrect Authorization allows read access to issues in GitHub Enterprise Server | GitHub Enterprise Server | CWE-863 | 4.3 (AI) | Medium (AI) | 2024-08-20 |
| CVE-2024-7711 | GitHub Enterprise Server security vulnerability | GitHub Enterprise Server | CWE-863 | 5.3 (AI) | Medium (AI) | 2024-08-20 |
| CVE-2024-6395 | GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy Keys | GitHub Enterprise Server | CWE-200 | 5.3 (AI) | Medium (AI) | 2024-07-16 |
| CVE-2024-6336 | Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure | GitHub Enterprise Server | CWE-200 | 4.3 (AI) | Medium (AI) | 2024-07-16 |
| CVE-2024-5817 | Improper authorization allows read access to issue content in GitHub Enterprise Server | GitHub Enterprise Server | CWE-863 | 4.3 (AI) | Medium (AI) | 2024-07-16 |
| CVE-2024-5816 | Improper authorization allows persistent access in GitHub Enterprise Server | GitHub Enterprise Server | CWE-863 | 9.4 (AI) | Critical (AI) | 2024-07-16 |
| CVE-2024-5815 | Cross Site Request Forgery was identified in GitHub Enterprise Server that allowed write in a user owned repository | GitHub Enterprise Server | CWE-352 | 5.7 (AI) | Medium (AI) | 2024-07-16 |
| CVE-2024-5795 | Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed resource exhaustion | GitHub Enterprise Server | CWE-400 | 7.7 | High | 2024-07-16 |
| CVE-2024-5566 | Improper Privilege Management allows for access to unauthorized repository content during migration | GitHub Enterprise Server | CWE-269 | 5.8 | Medium | 2024-07-16 |
| CVE-2024-5746 | GitHub Enterprise Server security vulnerability | GitHub Enterprise Server | CWE-918 | 7.6 | High | 2024-06-20 |
| CVE-2024-4985 | GitHub Enterprise Server security vulnerability | Enterprise Server | CWE-303 | 9.8 (AI) | Critical (AI) | 2024-05-20 |
| CVE-2024-2440 | Race Condition was identified in GitHub Enterprise Server that allowed maintaining admin permissions | Enterprise Server | CWE-367 | 5.5 | Medium | 2024-04-19 |
| CVE-2024-3684 | Improper Privilege Management was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-88 | 8.0 | High | 2024-04-19 |
| CVE-2024-3646 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-20 | 8.0 | High | 2024-04-19 |
| CVE-2024-2443 | Improper input validation vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | GitHub Enterprise Server | CWE-20 | 9.1 | Critical | 2024-03-20 |
| CVE-2024-2469 | Remote Code Execution in GitHub Enterprise Server Allowed Administrators to gain SSH access to the appliance | Enterprise Server | CWE-20 | 8.0 | High | 2024-03-20 |
| CVE-2024-1908 | Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation | Enterprise Server | CWE-269 | 6.3 | Medium | 2024-02-29 |
| CVE-2024-25129 | Limited data exfiltration in CodeQL CLI | codeql-cli-binaries | CWE-611 | 2.7 | Low | 2024-02-22 |
| CVE-2024-1482 | Improper Authorization in GitHub Enterprise Server allowed unauthorized workflow execution | Enterprise Server | CWE-863 | 7.1 | High | 2024-02-14 |
| CVE-2024-1378 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-20 | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1374 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-20 | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1372 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-20 | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1369 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-20 | 9.1 | Critical | 2024-02-13 |
| CVE-2024-1359 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console | Enterprise Server | CWE-20 | 9.1 | Critical | 2024-02-13 |

This page lists every published CVE security advisory associated with GitHub. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.