Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Shopware: Unauthorized Payment Trigger for Foreign Orders via /store-api/handle-payment Moderate
CVE-2026-48016 was published for shopware/core (Composer) Jun 4, 2026
Symfony's Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay Moderate
CVE-2026-45074 was published for symfony/security-http (Composer) May 27, 2026
nicolas-grekas Credited to nicolas-grekas
Alt Redirect: Potential Authentication Bypass by Spoofing through query-string stripping logic flaw Moderate
CVE-2025-60868 was published for alt-design/alt-redirect (Composer) Oct 10, 2025
Alt-Ben Credited to Alt-Ben
Microweber before 1.2.21 allows attacker to bypass IP detection to brute-force password Moderate
CVE-2022-2368 was published for microweber/microweber (Composer) Jul 12, 2022
ProTip! Advisories are also available from the GraphQL API