GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
48 advisories
Filter by severity
Path Traversal within joomla/archive zip class
Moderate
CVE-2021-26028
was published
for
joomla/archive
(Composer)
Mar 24, 2021
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files
Moderate
CVE-2006-5031
was published
for
cakephp/cakephp
(Composer)
May 1, 2022
Path Traversal in FileGator
Moderate
CVE-2022-1850
was published
for
filegator/filegator
(Composer)
May 25, 2022
Path Traversal in the Logs plugin for Craft CMS
Moderate
CVE-2022-23409
was published
for
ether/logs
(Composer)
Feb 1, 2022
Path Traversal in S-Cart
Moderate
CVE-2021-44111
was published
for
s-cart/s-cart
(Composer)
Feb 12, 2022
Path traversal in pimcore
Moderate
CVE-2022-0665
was published
for
pimcore/pimcore
(Composer)
Feb 23, 2022
Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files
Moderate
CVE-2023-27577
was published
for
flarum/core
(Composer)
Mar 13, 2023
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence
Moderate
CVE-2006-3360
was published
for
phpsysinfo/phpsysinfo
(Composer)
May 1, 2022
LibreNMS Arbitrary File Read
Moderate
CVE-2017-16759
was published
for
librenms/librenms
(Composer)
May 13, 2022
ImpressCMS Path Traversal to Arbitrary File Delete
Moderate
CVE-2014-1836
was published
for
impresscms/impresscms
(Composer)
May 17, 2022
Mautic users able to download any files from server using filemanager
Moderate
CVE-2017-1000490
was published
for
mautic/core
(Composer)
Jan 19, 2021
SUKOHI Surpass Path Traversal vulnerability
Moderate
CVE-2015-10030
was published
for
sukohi/surpass
(Composer)
Jan 8, 2023
PrestaShop file access through path traversal
Moderate
CVE-2023-39528
was published
for
prestashop/prestashop
(Composer)
Aug 9, 2023
Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php
Moderate
CVE-2023-30855
was published
for
pimcore/pimcore
(Composer)
May 2, 2023
Arbitrary File Read in Admin JS CSS files
Moderate
CVE-2023-30852
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
baserCMS Directory Traversal vulnerability in Form submission data management Feature
Moderate
CVE-2023-43648
was published
for
baserproject/basercms
(Composer)
Oct 26, 2023
Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction
Moderate
CVE-2023-38708
was published
for
pimcore/pimcore
(Composer)
Aug 3, 2023
Path Traversal in Asset "import from server" option
Moderate
CVE-2023-2336
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
PrestaShop path traversal
Moderate
CVE-2023-39525
was published
for
prestashop/prestashop
(Composer)
Aug 9, 2023
UniSharp Laravel Filemanager directory traversal vulnerability
Moderate
CVE-2022-40734
was published
for
unisharp/laravel-filemanager
(Composer)
Sep 15, 2022
MAGMI plugin for Magento Server Directory Traversal
Moderate
CVE-2015-2067
was published
for
dweeves/magmi
(Composer)
May 13, 2022
Potential URI resolution path traversal in the AWS SDK for PHP
Moderate
CVE-2023-51651
was published
for
aws/aws-sdk-php
(Composer)
Dec 21, 2023
Magento Path Traversal
Moderate
CVE-2020-3717
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento path traversal vulnerability
Moderate
CVE-2020-9689
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Path Traversal vulnerability
Moderate
CVE-2021-28584
was published
for
magento/community-edition
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API