GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,869 advisories
Moodle Grade information disclosure in grade's external fetch functions
Moderate: CVE-2021-20184 was published for moodle/moodle (Composer), May 24, 2022

Moodle Cross-site Scripting (XSS)
Moderate: CVE-2020-25631 was published for moodle/moodle (Composer), May 24, 2022

Moodle stored Cross-site Scripting (XSS)
Moderate: CVE-2020-25627 was published for moodle/moodle (Composer), May 24, 2022

Moodle open redirect vulnerability
Moderate: CVE-2019-14882 was published for moodle/moodle (Composer), May 24, 2022

Moodle type juggling vulnerability
Moderate: CVE-2021-40693 was published for moodle/moodle (Composer), Sep 30, 2022

Moodle Improper Encoding or Escaping of Output
Moderate: CVE-2021-40694 was published for moodle/moodle (Composer), Sep 30, 2022

Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate: CVE-2021-40695 was published for moodle/moodle (Composer), Sep 30, 2022

Moodle Stored XSS and blind SSRF possible via SCORM track details
Moderate: CVE-2022-35651 was published for moodle/moodle (Composer), Jul 26, 2022

Moodle Glossary search displays entries without checking user permissions to view them
Moderate: CVE-2016-5012 was published for moodle/moodle (Composer), May 17, 2022

Moodle Cross-site Scripting in assignment submission page
Moderate: CVE-2017-2578 was published for moodle/moodle (Composer), May 17, 2022

Moodle Incorrect Authorization
Moderate: CVE-2021-40692 was published for moodle/moodle (Composer), Sep 30, 2022

Moodle Improper Authentication
Moderate: CVE-2021-40691 was published for moodle/moodle (Composer), Sep 30, 2022

Missing permission check in Moodle
Moderate: CVE-2021-20283 was published for moodle/moodle (Composer), May 24, 2022

Bolt Cross-site Scripting (XSS) via a title that is mishandled in the system log
Moderate: CVE-2019-15483 was published for bolt/bolt (Composer), May 24, 2022

Bolt Cross-site Scripting (XSS) via an image's alt or title field
Moderate: CVE-2019-15484 was published for bolt/bolt (Composer), May 24, 2022

Bolt Cross-site Scripting via the slug, teaser or title parameters
Moderate: CVE-2019-9553 was published for bolt/bolt (Composer), May 24, 2022

Bolt Improper Access Control
Moderate: CVE-2017-16754 was published for bolt/bolt (Composer), May 13, 2022

Bolt stored Cross-site Scripting (XSS)
Moderate: CVE-2017-11128 was published for bolt/bolt (Composer), May 17, 2022

Zend Access Restriction Bypass
Moderate: CVE-2014-8088 was published for zendframework/zendframework (Composer), May 17, 2022

zend-diactoros Cross-site Scripting (XSS)
Moderate: CVE-2015-3257 was published for zendframework/zend-diactoros (Composer), May 17, 2022

Mautic Cross Site Scripting (XSS) vulnerability
Moderate: CVE-2017-1000506 was published for mautic/core (Composer), May 14, 2022

filp whoops Cross-site Scripting vulnerability
Moderate: CVE-2017-16880 was published for filp/whoops (Composer), May 17, 2022

Coaster CMS Stored Cross-site Scripting vulnerability
Moderate: CVE-2018-17876 was published for web-feet/coastercms (Composer), May 14, 2022

nZEDb Cross-site Scripting (XSS) in the 404 error page
Moderate: CVE-2017-18286 was published for nzedb/nzedb (Composer), May 14, 2022

Moodle Unauthorized searching of arbitrary blogs by typing full url
Moderate: CVE-2017-7490 was published for moodle/moodle (Composer), May 13, 2022

ProTip! Advisories are also available from the GraphQL API