Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,886 advisories

Loading
Moodle Authentication Bypass in File Upload Moderate
CVE-2012-3387 was published for moodle/moodle (Composer) May 13, 2022
Moodle Allows Unauthenticated Dropbox Access Moderate
CVE-2012-5471 was published for moodle/moodle (Composer) May 13, 2022
Moodle CRLF Injection Vulnerability in Calendar Component Moderate
CVE-2011-4203 was published for moodle/moodle (Composer) May 13, 2022
Moodle Users Can Bypass Deleted Status Moderate
CVE-2012-0797 was published for moodle/moodle (Composer) May 13, 2022
Moodle Cross-site Scripting vulnerability in the KSES text cleaning filter Moderate
CVE-2010-2230 was published for moodle/moodle (Composer) May 13, 2022
Moodle Authentication Bypass in Question-Bank Moderate
CVE-2012-2356 was published for moodle/moodle (Composer) May 13, 2022
Moodle Exposes Sensitive User Information Moderate
CVE-2012-2353 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-Site Request Forgery Moderate
CVE-2011-4133 was published for moodle/moodle (Composer) May 13, 2022
Moodle Session Fixation vulnerability Moderate
CVE-2010-1613 was published for moodle/moodle (Composer) May 13, 2022
Moodle is vulnerable to unauthorized new accounts creation Moderate
CVE-2010-1616 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-site Scripting Moderate
CVE-2011-4286 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information Moderate
CVE-2011-4283 was published for moodle/moodle (Composer) May 13, 2022
Moodle XSS In Tag Autocomplete functionality Moderate
CVE-2011-4278 was published for moodle/moodle (Composer) May 13, 2022
phpCAS client library and Moodle Cross-site Scripting vulnerability Moderate
CVE-2010-1618 was published for apereo/phpcas (Composer) May 13, 2022
Moodle Open Redirect Via Error Messages Moderate
CVE-2011-4294 was published for moodle/moodle (Composer) May 13, 2022
Moodle Allows Modification of Constants Moderate
CVE-2011-4301 was published for moodle/moodle (Composer) May 13, 2022
Moodle XSS Vulnerability Moderate
CVE-2011-4306 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-Site Request Forgery Moderate
CVE-2011-4298 was published for moodle/moodle (Composer) May 13, 2022
Moodle Double-Caches Content, Potentially Writing to a File System's Tmp Directory Moderate
CVE-2011-4293 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not properly restrict comment capabilities Moderate
CVE-2011-4297 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not properly restrict access to category and course data Moderate
CVE-2011-4300 was published for moodle/moodle (Composer) May 13, 2022
Moodle Open Redirect in Calendar Set Page Moderate
CVE-2011-4582 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control Moderate
CVE-2011-4279 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-Site Request Forgery Moderate
CVE-2011-4281 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page Moderate
CVE-2011-4284 was published for moodle/moodle (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database