Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
Moodle allows attackers to cause a denial of service Moderate
CVE-2014-7847 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attacks to obtain sensitive information Moderate
CVE-2014-7848 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site request forgery (CSRF) vulnerabilities Moderate
CVE-2014-7836 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not consider the moodle/tag:edit capability before adding a tag Moderate
CVE-2014-7846 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to upload files containing JavaScript Low
CVE-2014-7835 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to remove wiki pages Moderate
CVE-2014-7837 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site request forgery (CSRF) vulnerabilities Moderate
CVE-2015-0213 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive calendar-event information Moderate
CVE-2015-0215 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2015-0211 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to cause a denial of service Moderate
CVE-2015-0217 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to trigger the generation of arbitrary messages Moderate
CVE-2014-9060 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2015-0212 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not provide charset information in HTTP headers Moderate
CVE-2014-9059 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle cross-site request forgery (CSRF) vulnerability Moderate
CVE-2015-0218 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module Moderate
CVE-2014-7838 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows discovery of an author's username Moderate
CVE-2014-3617 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2014-7830 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Low
CVE-2014-3551 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to bypass the mod/lti:view capability requirement Moderate
CVE-2014-7832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not enforce the moodle/site:accessallgroups capability requirement Moderate
CVE-2014-3553 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Moderate
CVE-2014-3548 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle exposes hidden grades to students Moderate
CVE-2014-7831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2014-7833 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not verify group permissions Moderate
CVE-2014-7834 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle vulnerable to PHP object injection attacks High
CVE-2014-3541 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database