GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
49 advisories
Filter by severity
Mautic users able to download any files from server using filemanager
Moderate
CVE-2017-1000490
was published
for
mautic/core
(Composer)
Jan 19, 2021
Path Traversal within joomla/archive zip class
Moderate
CVE-2021-26028
was published
for
joomla/archive
(Composer)
Mar 24, 2021
Path Traversal in the Logs plugin for Craft CMS
Moderate
CVE-2022-23409
was published
for
ether/logs
(Composer)
Feb 1, 2022
Path Traversal in S-Cart
Moderate
CVE-2021-44111
was published
for
s-cart/s-cart
(Composer)
Feb 12, 2022
Path traversal in pimcore
Moderate
CVE-2022-0665
was published
for
pimcore/pimcore
(Composer)
Feb 23, 2022
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence
Moderate
CVE-2006-3360
was published
for
phpsysinfo/phpsysinfo
(Composer)
May 1, 2022
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files
Moderate
CVE-2006-5031
was published
for
cakephp/cakephp
(Composer)
May 1, 2022
Moodle directory traversal vulnerability
Moderate
CVE-2015-1493
was published
for
moodle/moodle
(Composer)
May 13, 2022
phpMyAdmin Arbitrary file read vulnerability
Moderate
CVE-2019-6799
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 13, 2022
MAGMI plugin for Magento Server Directory Traversal
Moderate
CVE-2015-2067
was published
for
dweeves/magmi
(Composer)
May 13, 2022
LibreNMS Arbitrary File Read
Moderate
CVE-2017-16759
was published
for
librenms/librenms
(Composer)
May 13, 2022
SabreDAV Directory Traversal vulnerability
Moderate
CVE-2013-1939
was published
for
sabre/dav
(Composer)
May 14, 2022
Smarty Path Traversal Vulnerability
Moderate
CVE-2018-16831
was published
for
smarty/smarty
(Composer)
May 14, 2022
OpenCart Path Traversal
Moderate
CVE-2018-11495
was published
for
opencart/opencart
(Composer)
May 14, 2022
ForkCMS Directory Traversal vulnerability
Moderate
CVE-2012-1207
was published
for
forkcms/forkcms
(Composer)
May 17, 2022
phpMyAdmin Directory Traversal Vulnerability
Moderate
CVE-2011-2718
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Contao Core directory traversal vulnerability
Moderate
CVE-2015-0269
was published
for
contao/core
(Composer)
May 17, 2022
ImpressCMS Path Traversal to Arbitrary File Delete
Moderate
CVE-2014-1836
was published
for
impresscms/impresscms
(Composer)
May 17, 2022
Magento Insecure Direct Object Reference (IDOR) vulnerability
Moderate
CVE-2019-7925
was published
for
magento/community-edition
(Composer)
May 24, 2022
TYPO3 Directory Traversal on ZIP extraction
Moderate
CVE-2019-19848
was published
for
typo3/cms
(Composer)
May 24, 2022
Magento Path Traversal
Moderate
CVE-2020-3717
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento path traversal vulnerability
Moderate
CVE-2020-9689
was published
for
magento/community-edition
(Composer)
May 24, 2022
browsershot local file inclusion vulnerability
Moderate
CVE-2020-7790
was published
for
spatie/browsershot
(Composer)
May 24, 2022
Grav CMS Local File Injection
Moderate
CVE-2020-29556
was published
for
getgrav/grav
(Composer)
May 24, 2022
Magento Path Traversal vulnerability
Moderate
CVE-2021-28584
was published
for
magento/community-edition
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API