Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
Grav File Upload Path Traversal High
CVE-2024-27921 was published for getgrav/grav (Composer) Mar 22, 2024
richighimi
Webtrees Path Traversal vulnerability Moderate
CVE-2024-22723 was published for fisharebest/webtrees (Composer) Feb 28, 2024
Appwrite Directory Traversal vulnerability High
CVE-2022-25377 was published for appwrite/server-ce (Composer) Feb 23, 2024
Path disclosure in JavaScript variable Moderate
CVE-2024-26129 was published for prestashop/prestashop (Composer) Feb 21, 2024
hugo-fasone matks
YetiForceCRM Directory Traversal vulnerability Moderate
CVE-2023-49508 was published for yetiforce/yetiforce-crm (Composer) Feb 16, 2024
Path Traversal in TYPO3 File Abstraction Layer Storages Moderate
CVE-2023-30451 was published for typo3/cms-core (Composer) Feb 13, 2024
ohader bnf
Winter CMS Local File Inclusion through Server Side Template Injection Low
CVE-2023-52085 was published for winter/wn-backend-module (Composer) Jan 2, 2024
Sanineng
Duplicate Advisory: TYPO3 Arbitrary File Read via Directory Traversal Moderate
GHSA-3gjc-mp82-fj4q was published for typo3/cms-core (Composer) Dec 25, 2023 withdrawn
Potential URI resolution path traversal in the AWS SDK for PHP Moderate
CVE-2023-51651 was published for aws/aws-sdk-php (Composer) Dec 21, 2023
arkark
PHPMemcachedAdmin Path Traversal vulnerability Critical
CVE-2023-6026 was published for elijaa/phpmemcacheadmin (Composer) Nov 30, 2023
OroPlatform vulnerable to path traversal during temporary file manipulations High
CVE-2022-41951 was published for oro/platform (Composer) Nov 27, 2023
baserCMS Directory Traversal vulnerability in Form submission data management Feature Moderate
CVE-2023-43648 was published for baserproject/basercms (Composer) Oct 26, 2023
OpenCart Path Traversal vulnerability High
CVE-2023-2315 was published for opencart/opencart (Composer) Sep 27, 2023
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter Critical
CVE-2015-5467 was published for yiisoft/yii2 (Composer) Sep 21, 2023
Cecil Path Traversal vulnerability High
CVE-2023-4914 was published for cecil/cecil (Composer) Sep 12, 2023
PrestaShop file access through path traversal Moderate
CVE-2023-39528 was published for prestashop/prestashop (Composer) Aug 9, 2023
PrestaShop path traversal Moderate
CVE-2023-39525 was published for prestashop/prestashop (Composer) Aug 9, 2023
Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction Moderate
CVE-2023-38708 was published for pimcore/pimcore (Composer) Aug 3, 2023
TobiSW
php-imap vulnerable to RCE through a directory traversal vulnerability Critical
CVE-2023-35169 was published for webklex/laravel-imap (Composer) Jun 21, 2023
angelej
elFinder vulnerable to path traversal in LocalVolumeDriver connector High
CVE-2023-35840 was published for studio-42/elfinder (Composer) Jun 14, 2023
sectroyer
Froxlor vulnerable to Path Traversal High
CVE-2023-3172 was published for froxlor/froxlor (Composer) Jun 9, 2023
Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php Moderate
CVE-2023-30855 was published for pimcore/pimcore (Composer) May 2, 2023
Arbitrary File Read in Admin JS CSS files Moderate
CVE-2023-30852 was published for pimcore/pimcore (Composer) Apr 27, 2023
Path Traversal in Asset "import from server" option Moderate
CVE-2023-2336 was published for pimcore/pimcore (Composer) Apr 27, 2023
rekter0
Path traversal vulnerability in the file manager High
CVE-2023-29200 was published for contao/contao (Composer) Apr 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database