GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,854 advisories
Laravel framework susceptible to reflected cross-site scripting
Moderate
CVE-2024-13918
was published
for
laravel/framework
(Composer)
Mar 10, 2025
Laravel has a File Validation Bypass
Moderate
CVE-2025-27515
was published
for
laravel/framework
(Composer)
Mar 5, 2025
REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation
Moderate
CVE-2025-27412
was published
for
redaxo/source
(Composer)
Mar 5, 2025
REDAXO allows Arbitrary File Upload in the mediapool page
Moderate
CVE-2025-27411
was published
for
redaxo/source
(Composer)
Mar 5, 2025
Formwork has a cross-site scripting (XSS) vulnerability in Site title
Moderate
GHSA-vf6x-59hh-332f
was published
for
getformwork/formwork
(Composer)
Mar 1, 2025
Mautic allows Relative Path Traversal in assets file upload
Moderate
CVE-2022-25773
was published
for
mautic/core
(Composer)
Feb 26, 2025
Leantime affected by Improper Neutralization of HTML Tags
Moderate
CVE-2025-28254
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Cross-Site Request Forgery (CSRF)
Moderate
GHSA-92xh-6x7v-4rmq
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Stored Cross-Site Scripting (XSS)
Moderate
GHSA-63cr-xg3f-8jvr
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Refelected Cross-Site Scripting (XSS)
Moderate
GHSA-52xf-h226-pfgx
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime has Insufficiently Protected Credentials
Moderate
GHSA-h6w8-27ph-c385
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Stored Cross-Site Scripting (XSS)
Moderate
GHSA-mg4c-884j-pcq9
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime has Host Header Injection Vulnerability
Moderate
GHSA-99r5-84gr-59f6
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
ProTip!
Advisories are also available from the
GraphQL API