Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

98 advisories

Loading
Moodle XSS Vulnerability Moderate
CVE-2019-3847 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to modify "Exclude grade" settings Moderate
CVE-2016-2155 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Reflected XSS in mod_data advanced search Moderate
CVE-2016-2153 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle provides calendar-event data without considering whether an activity is hidden Moderate
CVE-2016-2156 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover student e-mail addresses Moderate
CVE-2016-2151 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-0724 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover hidden course names Moderate
CVE-2016-2154 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle XSS from profile fields from external db Moderate
CVE-2016-2152 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-2190 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive category-detail information Moderate
CVE-2016-2158 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle External function mod_assign_save_submission does not check due dates Moderate
CVE-2016-2159 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Improper Access Control Moderate
CVE-2016-3733 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Arbitrary File Read via XML External Entity vulnerability Moderate
CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain username and course information Moderate
CVE-2014-3546 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3547 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle remote code execution via quiz questions Moderate
CVE-2014-3545 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows remote attackers to read arbitrary files Moderate
CVE-2014-3542 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2014-7833 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to bypass the mod/lti:view capability requirement Moderate
CVE-2014-7832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not verify group permissions Moderate
CVE-2014-7834 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not enforce the moodle/site:accessallgroups capability requirement Moderate
CVE-2014-3553 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle exposes hidden grades to students Moderate
CVE-2014-7831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3548 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module Moderate
CVE-2014-7838 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows discovery of an author's username Moderate
CVE-2014-3617 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API