GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,780 advisories
Mautic Vulnerable to User Enumeration via Response Timing
Moderate
CVE-2025-9824
was published
for
mautic/core
(Composer)
Sep 3, 2025
Mautic vulnerable to reflected XSS in lead:addLeadTags - Quick Add
Moderate
CVE-2025-9823
was published
for
mautic/core
(Composer)
Sep 3, 2025
Mautic vulnerable to secret data extraction via elfinder
Moderate
CVE-2025-9822
was published
for
mautic/core
(Composer)
Sep 3, 2025
Symfony UX allows unsanitized HTML attribute injection via ComponentAttributes
Moderate
CVE-2025-47946
was published
for
symfony/ux-live-component
(Composer)
May 19, 2025
Contao does not properly manage privileges for page and article fields
Moderate
CVE-2025-57759
was published
for
contao/contao
(Composer)
Aug 28, 2025
Contao can disclose sensitive information in the news module
Moderate
CVE-2025-57757
was published
for
contao/contao
(Composer)
Aug 28, 2025
Contao discloses sensitive information in the front end search index
Moderate
CVE-2025-57756
was published
for
contao/contao
(Composer)
Aug 28, 2025
Craft CMS Potential Remote Code Execution via Twig SSTI
Moderate
CVE-2025-57811
was published
for
craftcms/cms
(Composer)
Aug 25, 2025
UnoPim has Stored Cross-site Scripting vulnerability in user creation functionality
Moderate
CVE-2025-55742
was published
for
unopim/unopim
(Composer)
Aug 21, 2025
UnoPim vulnerable to CSRF on Product edit feature and creation of other types
Moderate
CVE-2025-55744
was published
for
unopim/unopim
(Composer)
Aug 21, 2025
ProTip!
Advisories are also available from the
GraphQL API