Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

48 advisories

Loading
Path Traversal in LibreNMS High
CVE-2019-12464 was published for librenms/librenms (Composer) Oct 11, 2019
Relative Path Traversal (CWE-23) in chunked uploads in oneup/uploader-bundle High
CVE-2020-5237 was published for oneup/uploader-bundle (Composer) Feb 18, 2020
Local File Inclusion by unauthenticated users High
CVE-2020-15246 was published for october/cms (Composer) Nov 23, 2020
ka1n4t
Path traversal in bolt/core High
CVE-2021-27367 was published for bolt/core (Composer) Feb 18, 2021
Path traversal in pimcore/pimcore High
CVE-2021-23340 was published for pimcore/pimcore (Composer) Feb 25, 2021
Broken Access Control in Form Framework High
CVE-2021-21357 was published for typo3/cms (Composer) Mar 23, 2021
sushiwushi waldhacker1
Directory Traversal in Archive_Tar High
CVE-2020-36193 was published for pear/archive_tar (Composer) Apr 22, 2021
Path traversal in grav High
CVE-2021-3924 was published for getgrav/grav (Composer) Nov 10, 2021
Potential Zip Slip Vulnerability in baserCMS High
CVE-2021-41279 was published for baserproject/basercms (Composer) Dec 1, 2021
PHP file inclusion in the Sulu admin panel High
CVE-2021-43836 was published for sulu/sulu (Composer) Dec 15, 2021
Zip slip in Microweber High
CVE-2020-28337 was published for microweber/microweber (Composer) Feb 10, 2022
Path Traversal in ImpressCMS High
CVE-2021-26601 was published for impresscms/impresscms (Composer) Mar 29, 2022
Path Traversal within joomla/archive tar class High
CVE-2022-23793 was published for joomla/archive (Composer) Mar 31, 2022
Smarty Path Traversal Vulnerability High
CVE-2018-13982 was published for smarty/smarty (Composer) May 13, 2022
Contao Core directory traversal vulnerability High
CVE-2017-10993 was published for contao/contao (Composer) May 13, 2022
Symfony Directory Traversal High
CVE-2017-16654 was published for symfony/intl (Composer) May 14, 2022
OpenCart Path Traversal High
CVE-2018-11494 was published for opencart/opencart (Composer) May 14, 2022
Magento 2 Community Edition Path Traversal Vulnerability High
CVE-2019-7859 was published for magento/community-edition (Composer) May 24, 2022
TeamPass PHP arbitrary file include vulnerability High
CVE-2020-12479 was published for nilsteampassnet/teampass (Composer) May 24, 2022
EC-CUBE Directory traversal vulnerability High
CVE-2020-5590 was published for ec-cube/ec-cube (Composer) May 24, 2022
ThinkAdmin directory traversal vulnerability High
CVE-2020-25540 was published for zoujingli/thinkadmin (Composer) May 24, 2022
Grav CMS Arbitrary File Deletion High
CVE-2020-29555 was published for getgrav/grav (Composer) May 24, 2022
Magento Path Traversal vulnerability High
CVE-2022-34254 was published for magento/community-edition (Composer) Aug 17, 2022
ICEcoder vulnerable to Path Traversal High
CVE-2022-34026 was published for icecoder/icecoder (Composer) Sep 23, 2022
Twig may load a template outside a configured directory when using the filesystem loader High
CVE-2022-39261 was published for twig/twig (Composer) Sep 30, 2022
ProTip! Advisories are also available from the GraphQL API