Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

114 advisories

Loading
melisplatform/melis-asset-manager vulnerable to Path Traversal High
CVE-2022-39296 was published for melisplatform/melis-asset-manager (Composer) Oct 11, 2022
Twig may load a template outside a configured directory when using the filesystem loader High
CVE-2022-39261 was published for twig/twig (Composer) Sep 30, 2022
EC-CUBE Directory traversal vulnerability Low
CVE-2022-40199 was published for ec-cube/ec-cube (Composer) Sep 28, 2022
ICEcoder vulnerable to Path Traversal High
CVE-2022-34026 was published for icecoder/icecoder (Composer) Sep 23, 2022
UniSharp Laravel Filemanager directory traversal vulnerability Moderate
CVE-2022-40734 was published for unisharp/laravel-filemanager (Composer) Sep 15, 2022
streamtw
Magento Path Traversal vulnerability High
CVE-2022-34254 was published for magento/community-edition (Composer) Aug 17, 2022
Path traversal in Concrete CMS Critical
CVE-2022-30117 was published for concrete5/core (Composer) Jun 25, 2022
Path Traversal in FileGator Moderate
CVE-2022-1850 was published for filegator/filegator (Composer) May 25, 2022
Magento Path Traversal vulnerability Moderate
CVE-2021-28584 was published for magento/community-edition (Composer) May 24, 2022
Grav CMS Arbitrary File Deletion High
CVE-2020-29555 was published for getgrav/grav (Composer) May 24, 2022
Grav CMS Local File Injection Moderate
CVE-2020-29556 was published for getgrav/grav (Composer) May 24, 2022
browsershot local file inclusion vulnerability Moderate
CVE-2020-7790 was published for spatie/browsershot (Composer) May 24, 2022
ThinkAdmin directory traversal vulnerability High
CVE-2020-25540 was published for zoujingli/thinkadmin (Composer) May 24, 2022
Magento path traversal vulnerability Moderate
CVE-2020-9689 was published for magento/community-edition (Composer) May 24, 2022
EC-CUBE Directory traversal vulnerability High
CVE-2020-5590 was published for ec-cube/ec-cube (Composer) May 24, 2022
TeamPass PHP arbitrary file include vulnerability High
CVE-2020-12479 was published for nilsteampassnet/teampass (Composer) May 24, 2022
Magento Path Traversal Moderate
CVE-2020-3717 was published for magento/community-edition (Composer) May 24, 2022
TYPO3 Directory Traversal on ZIP extraction Moderate
CVE-2019-19848 was published for typo3/cms (Composer) May 24, 2022
Magento Insecure Direct Object Reference (IDOR) vulnerability Moderate
CVE-2019-7925 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Path Traversal Vulnerability High
CVE-2019-7859 was published for magento/community-edition (Composer) May 24, 2022
ImpressCMS Path Traversal to Arbitrary File Delete Moderate
CVE-2014-1836 was published for impresscms/impresscms (Composer) May 17, 2022
Contao Core directory traversal vulnerability Moderate
CVE-2015-0269 was published for contao/core (Composer) May 17, 2022
phpMyAdmin Directory Traversal Vulnerability Moderate
CVE-2011-2718 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
ForkCMS Directory Traversal vulnerability Moderate
CVE-2012-1207 was published for forkcms/forkcms (Composer) May 17, 2022
OpenCart Path Traversal Moderate
CVE-2018-11495 was published for opencart/opencart (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database