Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,611
NuGet
638
pip
3,209
Pub
10
RubyGems
853
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

100 advisories

Loading
Magento path traversal vulnerability Moderate
CVE-2020-9689 was published for magento/community-edition (Composer) May 24, 2022
EC-CUBE Directory traversal vulnerability High
CVE-2020-5590 was published for ec-cube/ec-cube (Composer) May 24, 2022
TeamPass PHP arbitrary file include vulnerability High
CVE-2020-12479 was published for nilsteampassnet/teampass (Composer) May 24, 2022
Magento Path Traversal Moderate
CVE-2020-3717 was published for magento/community-edition (Composer) May 24, 2022
TYPO3 Directory Traversal on ZIP extraction Moderate
CVE-2019-19848 was published for typo3/cms (Composer) May 24, 2022
Magento Insecure Direct Object Reference (IDOR) vulnerability Moderate
CVE-2019-7925 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Path Traversal Vulnerability High
CVE-2019-7859 was published for magento/community-edition (Composer) May 24, 2022
ImpressCMS Path Traversal to Arbitrary File Delete Moderate
CVE-2014-1836 was published for impresscms/impresscms (Composer) May 17, 2022
Contao Core directory traversal vulnerability Moderate
CVE-2015-0269 was published for contao/core (Composer) May 17, 2022
phpMyAdmin Directory Traversal Vulnerability Moderate
CVE-2011-2718 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
ForkCMS Directory Traversal vulnerability Moderate
CVE-2012-1207 was published for forkcms/forkcms (Composer) May 17, 2022
OpenCart Path Traversal Moderate
CVE-2018-11495 was published for opencart/opencart (Composer) May 14, 2022
OpenCart Path Traversal High
CVE-2018-11494 was published for opencart/opencart (Composer) May 14, 2022
Smarty Path Traversal Vulnerability Moderate
CVE-2018-16831 was published for smarty/smarty (Composer) May 14, 2022
Ocramius
SabreDAV Directory Traversal vulnerability Moderate
CVE-2013-1939 was published for sabre/dav (Composer) May 14, 2022
Symfony Directory Traversal High
CVE-2017-16654 was published for symfony/intl (Composer) May 14, 2022
LibreNMS Arbitrary File Read Moderate
CVE-2017-16759 was published for librenms/librenms (Composer) May 13, 2022
Contao Core directory traversal vulnerability High
CVE-2017-10993 was published for contao/contao (Composer) May 13, 2022
MAGMI plugin for Magento Server Directory Traversal Moderate
CVE-2015-2067 was published for dweeves/magmi (Composer) May 13, 2022
phpMyAdmin Arbitrary file read vulnerability Moderate
CVE-2019-6799 was published for phpmyadmin/phpmyadmin (Composer) May 13, 2022
Moodle directory traversal vulnerability Moderate
CVE-2015-1493 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Directory Traversal in Studio 42 elFinder Critical
CVE-2018-9110 was published for studio-42/elfinder (Composer) May 13, 2022
elFinder Path Traversal vulnerability Critical
CVE-2018-9109 was published for studio-42/elfinder (Composer) May 13, 2022
Smarty Path Traversal Vulnerability High
CVE-2018-13982 was published for smarty/smarty (Composer) May 13, 2022
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files Moderate
CVE-2006-5031 was published for cakephp/cakephp (Composer) May 1, 2022
ravage84
ProTip! Advisories are also available from the GraphQL API