Vulnerabilities > Github > Enterprise Server > 3.0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2024-1354 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the `syslog-ng` configuration file. | 8.0 |
| 2024-02-13 | CVE-2024-1355 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. | 9.1 |
| 2024-02-13 | CVE-2024-1359 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. | 9.1 |
| 2024-02-13 | CVE-2024-1369 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. | 9.1 |
| 2024-02-13 | CVE-2024-1372 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. | 9.1 |
| 2024-02-13 | CVE-2024-1374 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. | 9.1 |
| 2024-02-13 | CVE-2024-1378 | Command Injection vulnerability in Github Enterprise Server A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. | 9.1 |
| 2024-01-16 | CVE-2024-0507 | Command Injection vulnerability in Github Enterprise Server An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. | 8.8 |
| 2023-09-22 | CVE-2023-23766 | Incorrect Comparison vulnerability in Github Enterprise Server An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. | 6.5 |
| 2023-03-08 | CVE-2023-23760 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. | 8.8 |