Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

113 advisories

Loading
Drupal Node Validation Bypass in the node module API High
CVE-2008-4793 was published for drupal/drupal (Composer) May 17, 2022
Mediawiki tarball is missing .htaccess files Moderate
CVE-2018-13258 was published for mediawiki/core (Composer) May 14, 2022
Craft CMS Unauthorized View Moderate
CVE-2017-8383 was published for craftcms/cms (Composer) May 13, 2022
Drupal access control bypass vulnerability High
CVE-2017-6919 was published for drupal/core (Composer) May 13, 2022
Drupal access bypass vulnerability High
CVE-2017-6930 was published for drupal/core (Composer) May 13, 2022
Contao Information Disclosure via Access Control Flaws Moderate
CVE-2018-20028 was published for contao/contao (Composer) May 13, 2022
Moodle does not properly restrict access to category and course data Moderate
CVE-2011-4300 was published for moodle/moodle (Composer) May 13, 2022
Moodle is vulnerable to unauthorized new accounts creation Moderate
CVE-2010-1616 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not consider "don't send" attributes during hub registration Moderate
CVE-2013-2081 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows remote authenticated users to reassign notes Moderate
CVE-2013-1834 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not enforce the forceloginforprofiles setting Moderate
CVE-2013-1830 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to extract archives to arbitrary directories Moderate
CVE-2015-2267 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Unauthenticated Access Moderate
CVE-2016-8642 was published for moodle/moodle (Composer) May 13, 2022
Moodle Improper Access Control Moderate
CVE-2016-3733 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Improper Access Control Moderate
CVE-2016-3729 was published for moodle/moodle (Composer) May 13, 2022
Moodle External function mod_assign_save_submission does not check due dates Moderate
CVE-2016-2159 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Incorrect Authorization in microweber High
CVE-2022-1631 was published for microweber/microweber (Composer) May 10, 2022
Improper Access Control in wp-graphql Moderate
CVE-2019-25060 was published for wp-graphql/wp-graphql (Composer) May 10, 2022
Exposure of Resource to Wrong Sphere in ThinkPHP Framework High
CVE-2022-25481 was published for topthink/framework (Composer) Mar 22, 2022
Improper Access Control in librenms High
CVE-2022-0580 was published for librenms/librenms (Composer) Feb 16, 2022
Unrestricted Upload of File with Dangerous Type in Drupal core Critical
CVE-2020-13675 was published for drupal/core (Composer) Feb 12, 2022
Incorrect Authorization in Drupal core Moderate
CVE-2020-13676 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
Drupal core access bypass vulnerability High
CVE-2020-13677 was published for drupal/core (Composer) Feb 12, 2022
Missing Authorization in Crater Invoice Moderate
CVE-2022-0203 was published for bytefury/crater (Composer) Jan 27, 2022
Improper Access Control in snipe-it Moderate
CVE-2022-0178 was published for snipe/snipe-it (Composer) Jan 26, 2022
ProTip! Advisories are also available from the GraphQL API