GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
11 advisories
Mautic Vulnerable to User Enumeration via Response Timing
Moderate
CVE-2025-9824
was published
for
mautic/core
(Composer)
Sep 3, 2025
Mautic allows user name enumeration due to response time difference on password reset form
Moderate
CVE-2024-47057
was published
for
mautic/core
(Composer)
May 28, 2025
Shopware 6 allows attackers to check for registered accounts through the store-api
Moderate
CVE-2025-30150
was published
for
shopware/core
(Composer)
Apr 8, 2025
Pimcore Admin Classic Bundle allows user enumeration
Moderate
CVE-2025-24980
was published
for
pimcore/admin-ui-classic-bundle
(Composer)
Feb 7, 2025
Mautic allows users enumeration due to weak password login
Moderate
CVE-2024-47059
was published
for
mautic/core
(Composer)
Sep 18, 2024
The FIDO2/Webauthn Support for PHP library allows enumeration of valid usernames
Moderate
CVE-2024-39912
was published
for
web-auth/webauthn-framework
(Composer)
Jul 15, 2024
Sulu Observable Response Discrepancy on Admin Login
Moderate
CVE-2023-39343
was published
for
sulu/sulu
(Composer)
Aug 3, 2023
Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms
Moderate
CVE-2022-39314
was published
for
getkirby/cms
(Composer)
Oct 18, 2022
ProTip!
Advisories are also available from the
GraphQL API