Vulnerabilities > Github
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-6803 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Github Enterprise Server A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. | 4.0 |
| 2023-12-21 | CVE-2023-6804 | Improper Privilege Management vulnerability in Github Enterprise Server Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. | 5.5 |
| 2023-12-21 | CVE-2023-6847 | Improper Authentication vulnerability in Github Enterprise Server An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. | 7.5 |
| 2023-09-22 | CVE-2023-23766 | Incorrect Comparison vulnerability in Github Enterprise Server An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. | 6.5 |
| 2023-09-01 | CVE-2023-23763 | Missing Authorization vulnerability in Github Enterprise Server An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. | 5.3 |
| 2023-08-30 | CVE-2023-23765 | Incorrect Comparison vulnerability in Github Enterprise Server An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. | 6.5 |
| 2023-07-27 | CVE-2023-23764 | Incorrect Comparison vulnerability in Github Enterprise Server An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. | 7.1 |
| 2023-07-13 | CVE-2023-37463 | Unspecified vulnerability in Github Cmark-Gfm cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. | 7.5 |
| 2023-07-11 | CVE-2023-36867 | Unspecified vulnerability in Github Pull Requests and Issues Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | 7.8 |
| 2023-03-31 | CVE-2023-26485 | Resource Exhaustion vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |