GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,506 advisories
Leantime affected by Improper Neutralization of HTML Tags
Moderate
GHSA-95j3-435g-vjcp
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Cross-Site Request Forgery (CSRF)
Moderate
GHSA-92xh-6x7v-4rmq
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Stored Cross-Site Scripting (XSS)
Moderate
GHSA-63cr-xg3f-8jvr
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Refelected Cross-Site Scripting (XSS)
Moderate
GHSA-52xf-h226-pfgx
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime has Insufficiently Protected Credentials
Moderate
GHSA-h6w8-27ph-c385
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime allows Stored Cross-Site Scripting (XSS)
Moderate
GHSA-mg4c-884j-pcq9
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Leantime has Host Header Injection Vulnerability
Moderate
GHSA-99r5-84gr-59f6
was published
for
leantime/leantime
(Composer)
Feb 21, 2025
Mautic has insufficient authentication in upgrade flow
Moderate
CVE-2022-25770
was published
for
mautic/core
(Composer)
Sep 18, 2024
Code Snippet GeSHi plugin in CKEditor 4 has reflected cross-site scripting (XSS) vulnerability
Moderate
CVE-2024-43407
was published
for
ckeditor/ckeditor
(Composer)
Aug 21, 2024
Symfony storing cookie headers in HttpCache
Moderate
CVE-2022-24894
was published
for
symfony/http-kernel
(Composer)
Feb 1, 2023
Pimcore Admin Classic Bundle allows user enumeration
Moderate
CVE-2025-24980
was published
for
pimcore/admin-ui-classic-bundle
(Composer)
Feb 7, 2025
ProTip!
Advisories are also available from the
GraphQL API