Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

98 advisories

Loading
Moodle XSS Vulnerability Moderate
CVE-2019-3847 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to modify "Exclude grade" settings Moderate
CVE-2016-2155 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Reflected XSS in mod_data advanced search Moderate
CVE-2016-2153 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle provides calendar-event data without considering whether an activity is hidden Moderate
CVE-2016-2156 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover student e-mail addresses Moderate
CVE-2016-2151 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-0724 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover hidden course names Moderate
CVE-2016-2154 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle XSS from profile fields from external db Moderate
CVE-2016-2152 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-2190 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive category-detail information Moderate
CVE-2016-2158 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle External function mod_assign_save_submission does not check due dates Moderate
CVE-2016-2159 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Improper Access Control Moderate
CVE-2016-3733 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Arbitrary File Read via XML External Entity vulnerability Moderate
CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain username and course information Moderate
CVE-2014-3546 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3547 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle remote code execution via quiz questions Moderate
CVE-2014-3545 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows remote attackers to read arbitrary files Moderate
CVE-2014-3542 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2014-7833 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to bypass the mod/lti:view capability requirement Moderate
CVE-2014-7832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not verify group permissions Moderate
CVE-2014-7834 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not enforce the moodle/site:accessallgroups capability requirement Moderate
CVE-2014-3553 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle exposes hidden grades to students Moderate
CVE-2014-7831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3548 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module Moderate
CVE-2014-7838 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows discovery of an author's username Moderate
CVE-2014-3617 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database