Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

48 advisories

Loading
Path Traversal within joomla/archive zip class Moderate
CVE-2021-26028 was published for joomla/archive (Composer) Mar 24, 2021
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files Moderate
CVE-2006-5031 was published for cakephp/cakephp (Composer) May 1, 2022
ravage84
Path Traversal in FileGator Moderate
CVE-2022-1850 was published for filegator/filegator (Composer) May 25, 2022
Path Traversal in the Logs plugin for Craft CMS Moderate
CVE-2022-23409 was published for ether/logs (Composer) Feb 1, 2022
Path Traversal in S-Cart Moderate
CVE-2021-44111 was published for s-cart/s-cart (Composer) Feb 12, 2022
Path traversal in pimcore Moderate
CVE-2022-0665 was published for pimcore/pimcore (Composer) Feb 23, 2022
Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files Moderate
CVE-2023-27577 was published for flarum/core (Composer) Mar 13, 2023
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence Moderate
CVE-2006-3360 was published for phpsysinfo/phpsysinfo (Composer) May 1, 2022
LibreNMS Arbitrary File Read Moderate
CVE-2017-16759 was published for librenms/librenms (Composer) May 13, 2022
ImpressCMS Path Traversal to Arbitrary File Delete Moderate
CVE-2014-1836 was published for impresscms/impresscms (Composer) May 17, 2022
Mautic users able to download any files from server using filemanager Moderate
CVE-2017-1000490 was published for mautic/core (Composer) Jan 19, 2021
SUKOHI Surpass Path Traversal vulnerability Moderate
CVE-2015-10030 was published for sukohi/surpass (Composer) Jan 8, 2023
PrestaShop file access through path traversal Moderate
CVE-2023-39528 was published for prestashop/prestashop (Composer) Aug 9, 2023
Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php Moderate
CVE-2023-30855 was published for pimcore/pimcore (Composer) May 2, 2023
Arbitrary File Read in Admin JS CSS files Moderate
CVE-2023-30852 was published for pimcore/pimcore (Composer) Apr 27, 2023
baserCMS Directory Traversal vulnerability in Form submission data management Feature Moderate
CVE-2023-43648 was published for baserproject/basercms (Composer) Oct 26, 2023
Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction Moderate
CVE-2023-38708 was published for pimcore/pimcore (Composer) Aug 3, 2023
TobiSW
Path Traversal in Asset "import from server" option Moderate
CVE-2023-2336 was published for pimcore/pimcore (Composer) Apr 27, 2023
rekter0
PrestaShop path traversal Moderate
CVE-2023-39525 was published for prestashop/prestashop (Composer) Aug 9, 2023
UniSharp Laravel Filemanager directory traversal vulnerability Moderate
CVE-2022-40734 was published for unisharp/laravel-filemanager (Composer) Sep 15, 2022
streamtw
MAGMI plugin for Magento Server Directory Traversal Moderate
CVE-2015-2067 was published for dweeves/magmi (Composer) May 13, 2022
Potential URI resolution path traversal in the AWS SDK for PHP Moderate
CVE-2023-51651 was published for aws/aws-sdk-php (Composer) Dec 21, 2023
arkark
Magento Path Traversal Moderate
CVE-2020-3717 was published for magento/community-edition (Composer) May 24, 2022
Magento path traversal vulnerability Moderate
CVE-2020-9689 was published for magento/community-edition (Composer) May 24, 2022
Magento Path Traversal vulnerability Moderate
CVE-2021-28584 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database