Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Moodle allows attackers to obtain sensitive information Moderate
CVE-2015-0211 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module Moderate
CVE-2014-7838 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows discovery of an author's username Moderate
CVE-2014-3617 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle exposes hidden grades to students Moderate
CVE-2014-7831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not verify group permissions Moderate
CVE-2014-7834 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to bypass the mod/lti:view capability requirement Moderate
CVE-2014-7832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not enforce the moodle/site:accessallgroups capability requirement Moderate
CVE-2014-3553 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3548 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2014-7833 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Does Not Escape Characters In Email Headers Moderate
CVE-2016-5013 was published for moodle/moodle (Composer) May 13, 2022
Moodle Unauthenticated Access Moderate
CVE-2016-8642 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to read arbitrary files Moderate
CVE-2014-3542 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Incorrect sanitation of attributes in forums Moderate
CVE-2017-2576 was published for moodle/moodle (Composer) May 13, 2022
Moodle Arbitrary File Read via XML External Entity vulnerability Moderate
CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle remote code execution via quiz questions Moderate
CVE-2014-3545 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain username and course information Moderate
CVE-2014-3546 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3547 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-5014 was published for moodle/moodle (Composer) May 13, 2022
Moodle Cross-site scripting (XSS) vulnerability in course management search Moderate
CVE-2016-0725 was published for moodle/moodle (Composer) May 13, 2022
Moodle Improper Access Control Moderate
CVE-2016-3729 was published for moodle/moodle (Composer) May 13, 2022
Moodle XSS from profile fields from external db Moderate
CVE-2016-2152 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle External function mod_assign_save_submission does not check due dates Moderate
CVE-2016-2159 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle provides calendar-event data without considering whether an activity is hidden Moderate
CVE-2016-2156 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-0724 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover hidden course names Moderate
CVE-2016-2154 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database