VYPR

Enterprise

by GitHub

CVEs (5)

  • CVE-2017-18365CriMar 28, 2019
    risk 0.68cvss 9.8epss 0.21

    The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code.…

  • CVE-2012-2055HigApr 5, 2012
    risk 0.49cvss 7.5epss 0.02

    GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a modified URL for the public-key update form, related to a "mass assignment"…

  • CVE-2026-8606MedMay 27, 2026
    risk 0.38cvss 5.9epss 0.00

    A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By directing requests to an internal…

  • CVE-2002-0296May 31, 2002
    risk 0.03cvss epss 0.01

    The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.

  • CVE-2002-0211May 16, 2002
    risk 0.03cvss epss 0.01

    Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.