GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,781 advisories

Moodle provides calendar-event data without considering whether an activity is hidden Moderate
CVE-2016-2156 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-0724 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover hidden course names Moderate
CVE-2016-2154 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to discover student e-mail addresses Moderate
CVE-2016-2151 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Improper Access Control Moderate
CVE-2016-3733 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-3732 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows attackers to obtain sensitive category-detail information Moderate
CVE-2016-2158 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Bolt Improper Access Control Moderate
CVE-2017-16754 was published for bolt/bolt (Composer) May 13, 2022
INTER-Mediator Cross-Site Scripting (XSS) Moderate
CVE-2017-6484 was published for inter-mediator/inter-mediator (Composer) May 13, 2022
Securimage HTML Injection Moderate
CVE-2017-14077 was published for dapphp/securimage (Composer) May 13, 2022
baserCMS Access Control Bypass Moderate
CVE-2015-5640 was published for baserproject/basercms (Composer) May 13, 2022
BaserCMS privilege escalation Moderate
CVE-2011-2674 was published for baserproject/basercms (Composer) May 13, 2022
Concrete CMS vulnerable to cross-site scripting (XSS) Moderate
CVE-2017-7725 was published for concrete5/concrete5 (Composer) May 13, 2022
Bootstrap vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2018-14040 was published for bootstrap (RubyGems) May 13, 2022
jhutchings1 stof
Churro tdunlap607 jenhae
HTML Purifier cross-site scripting (XSS) vulnerability Moderate
CVE-2010-4183 was published for ezyang/htmlpurifier (Composer) May 13, 2022
Pi Cross-site Scripting vulnerability Moderate
CVE-2017-7251 was published for pi/pi (Composer) May 13, 2022
Sensitive Data Exposure in elFinder Moderate
CVE-2019-5884 was published for studio-42/elfinder (Composer) May 13, 2022
Symfony HTTP Foundation web cache poisoning Moderate
CVE-2018-14773 was published for symfony/http-foundation (Composer) May 13, 2022
llupa
Moodle Authenticated Spelling Binary Remote Code Execution Moderate
CVE-2013-3630 was published for moodle/moodle (Composer) May 13, 2022
MantisBT XSS allows unsanitized input via admin/install.php Moderate
CVE-2017-12061 was published for mantisbt/mantisbt (Composer) May 13, 2022
Moodle Logged in users could view all calendar events Moderate
CVE-2019-3848 was published for moodle/moodle (Composer) May 13, 2022
Moodle XSS Vulnerability Moderate
CVE-2019-3847 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle XSS Vulnerability Moderate
CVE-2019-3810 was published for moodle/moodle (Composer) May 13, 2022
TYPO3 femanager extension allows remote frontend users to modify or delete records of other frontend users Moderate
CVE-2014-6292 was published for in2code/femanager (Composer) May 13, 2022
Cross-site Scripting in facturascripts Moderate
CVE-2022-1682 was published for facturascripts/facturascripts (Composer) May 13, 2022