GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
2,781 advisories
Filter by severity
Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members
Moderate
CVE-2011-4289
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows remote authenticated users to cause a denial of service (invalid database records)
Moderate
CVE-2011-4291
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows remote authenticated users to cause a denial of service (invalid database records)
Moderate
CVE-2011-4292
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not force password changes for autosubscribed users
Moderate
CVE-2011-4287
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page
Moderate
CVE-2011-4284
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Incorrect Default Settings
Moderate
CVE-2011-4285
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to XSS via bundled spikephpcoverage library
Moderate
CVE-2011-4280
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to Cross-Site Request Forgery
Moderate
CVE-2011-4281
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control
Moderate
CVE-2011-4279
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not properly restrict comment capabilities
Moderate
CVE-2011-4297
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Open Redirect in Calendar Set Page
Moderate
CVE-2011-4582
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not properly restrict access to category and course data
Moderate
CVE-2011-4300
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to Cross-Site Request Forgery
Moderate
CVE-2011-4298
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Double-Caches Content, Potentially Writing to a File System's Tmp Directory
Moderate
CVE-2011-4293
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle XSS Vulnerability
Moderate
CVE-2011-4306
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Open Redirect Via Error Messages
Moderate
CVE-2011-4294
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Allows Modification of Constants
Moderate
CVE-2011-4301
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to Cross-site Scripting
Moderate
CVE-2011-4286
was published
for
moodle/moodle
(Composer)
May 13, 2022
phpCAS client library and Moodle Cross-site Scripting vulnerability
Moderate
CVE-2010-1618
was published
for
apereo/phpcas
(Composer)
May 13, 2022
Moodle allows remote attackers to obtain sensitive information
Moderate
CVE-2011-4283
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle XSS In Tag Autocomplete functionality
Moderate
CVE-2011-4278
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle is vulnerable to unauthorized new accounts creation
Moderate
CVE-2010-1616
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Session Fixation vulnerability
Moderate
CVE-2010-1613
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to Cross-Site Request Forgery
Moderate
CVE-2011-4133
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Authentication Bypass in Question-Bank
Moderate
CVE-2012-2356
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API