Vulnerabilities > Github > Low

DATE CVE VULNERABILITY TITLE RISK
2024-09-23 CVE-2024-8263 Unspecified vulnerability in Github Enterprise Server
An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags.
network
low complexity
github
2.7
2023-12-21 CVE-2023-6690 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Github Enterprise Server
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
network
high complexity
github CWE-367
2.0