CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-46258 – Incorrect Authorization in GitHub Enterprise Server leads to Action Workflow modifications without Workflow Scope
https://notcve.org/view.php?id=CVE-2022-46258
09 Jan 2023 — An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a repository-scoped token with read/write access to modify Action Workflow files without a Workflow scope. The Create or Update file contents API should enforce workflow scope. This vulnerability affected all versions of GitHub Enterprise Server prior to version 3.7 and was fixed in versions 3.3.16, 3.4.11, 3.5.8, and 3.6.4. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vul... • https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.16 • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-10031 – purpleparrots 491-Project Highscore update.php sql injection
https://notcve.org/view.php?id=CVE-2015-10031
08 Jan 2023 — A vulnerability classified as critical was found in purpleparrots 491-Project. This vulnerability affects unknown code of the file update.php of the component Highscore Handler. The manipulation leads to sql injection. The name of the patch is a812a5e4cf72f2a635a716086fe1ee2b8fa0b1ab. It is recommended to apply a patch to fix this issue. • https://github.com/purpleparrots/491-Project/commit/a812a5e4cf72f2a635a716086fe1ee2b8fa0b1ab • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-25084 – Hide Files on GitHub options.js addEventListener cross site scripting
https://notcve.org/view.php?id=CVE-2019-25084
25 Dec 2022 — A vulnerability, which was classified as problematic, has been found in Hide Files on GitHub up to 2.x. This issue affects the function addEventListener of the file extension/options.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 3.0.0 is able to address this issue. • https://github.com/sindresorhus/hide-files-on-github/commit/9de0c57df81db1178e0e79431d462f6d9842742e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 3%CPEs: 5EXPL: 0CVE-2022-46256 – Path traversal in GitHub Enterprise Server leading to remote code execution in GitHub Pages
https://notcve.org/view.php?id=CVE-2022-46256
14 Dec 2022 — A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the instance. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, 3.6.5 and 3.7.2. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de path traversal en GitHub Enterprise Server que permitía la eje... • https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.17 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23741 – Incorrect authorization in GitHub Enterprise Server token generation leading to full admin access
https://notcve.org/view.php?id=CVE-2022-23741
14 Dec 2022 — An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. An attacker would require an account with admin access to install a malicious GitHub App. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, and 3.6.5. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de autorización incorrecta en GitHub Enterprise Server que permitió que un t... • https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.17 • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2022-46255 – Improper Limitation of a Pathname to a Restricted Directory in GitHub Enterprise Server leading to RCE
https://notcve.org/view.php?id=CVE-2022-46255
14 Dec 2022 — An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary file overwrite bug. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una limitación inadecua... • https://docs.github.com/en/enterprise-server%403.7/admin/release-notes#3.7.1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23737 – Improper Privilege Management in GitHub Enterprise Server leading to page creation and deletion
https://notcve.org/view.php?id=CVE-2022-23737
01 Dec 2022 — An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API. To exploit this vulnerability, an attacker would need to be added to an organization's repo with write permissions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.7 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, and 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program. Se ide... • https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20 • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 0CVE-2022-23740 – Improper Neutralization of Argument Delimiters in a Command in GitHub Enterprise Server leading to Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-23740
23 Nov 2022 — CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. To exploit this vulnerability, an attacker would need permission to create and build GitHub Pages using GitHub Actions. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program. CRÍTICO: Se identificó una neutralización incorrecta... • https://docs.github.com/en/enterprise-server%403.7/admin/release-notes#3.7.1 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23738 – Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files
https://notcve.org/view.php?id=CVE-2022-23738
01 Nov 2022 — An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10... • https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.9EPSS: 0%CPEs: 5EXPL: 0CVE-2022-39321 – GitHub Actions Runner vulnerable to Docker Command Escaping
https://notcve.org/view.php?id=CVE-2022-39321
25 Oct 2022 — GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands was discovered in versions prior to 2.296.2, 2.293.1, 2.289.4, 2.285.2, and 2.283.4 that allows an input to escape the environment variable and modify that docker command invocation directly. Jobs that use container a... • https://github.com/actions/runner/pull/2107 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •