GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,549 advisories
Laravel has a File Validation Bypass
Moderate
CVE-2025-27515
was published
for
laravel/framework
(Composer)
Mar 5, 2025
REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation
Moderate
CVE-2025-27412
was published
for
redaxo/source
(Composer)
Mar 5, 2025
REDAXO allows Arbitrary File Upload in the mediapool page
Moderate
CVE-2025-27411
was published
for
redaxo/source
(Composer)
Mar 5, 2025
Formwork has a cross-site scripting (XSS) vulnerability in Site title
Moderate
GHSA-vf6x-59hh-332f
was published
for
getformwork/formwork
(Composer)
Mar 1, 2025
Mautic allows Relative Path Traversal in assets file upload
Moderate
CVE-2022-25773
was published
for
mautic/core
(Composer)
Feb 26, 2025
Leantime affected by Improper Neutralization of HTML Tags
Moderate
GHSA-95j3-435g-vjcp
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Cross-Site Request Forgery (CSRF)
Moderate
GHSA-92xh-6x7v-4rmq
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Stored Cross-Site Scripting (XSS)
Moderate
GHSA-63cr-xg3f-8jvr
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Refelected Cross-Site Scripting (XSS)
Moderate
GHSA-52xf-h226-pfgx
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime has Insufficiently Protected Credentials
Moderate
GHSA-h6w8-27ph-c385
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Stored Cross-Site Scripting (XSS)
Moderate
GHSA-mg4c-884j-pcq9
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime has Host Header Injection Vulnerability
Moderate
GHSA-99r5-84gr-59f6
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
ProTip!
Advisories are also available from the
GraphQL API