Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,656
Maven
5,000+
npm
4,284
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

176 advisories

Loading
Silverstripe CMS User Enumeration Moderate
CVE-2017-12849 was published for silverstripe/cms (Composer) May 17, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2017-15110 was published for moodle/moodle (Composer) May 17, 2022
Moodle Privilege escalation in quiz web services Moderate
CVE-2018-1044 was published for moodle/moodle (Composer) May 14, 2022
Moodle Portfolio forum caller class allows a user to download any file Moderate
CVE-2018-1135 was published for moodle/moodle (Composer) May 14, 2022
Converse.js Exposure of Sensitive Information Moderate
CVE-2018-6591 was published for converse.js (Composer) May 14, 2022
Sensitive Data Exposure in baserCMS Moderate
CVE-2018-0575 was published for baserproject/basercms (Composer) May 14, 2022
SimpleSAMLphp Information leakage issue in the sanitycheck module Moderate
CVE-2016-3124 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
DOMPDF Arbitrary File Read Moderate
CVE-2014-2383 was published for dompdf/dompdf (Composer) May 14, 2022
phpMyAdmin full path disclosure vulnerability Moderate
CVE-2016-5730 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Showdoc Forced Browsing Moderate
CVE-2018-19609 was published for showdoc/showdoc (Composer) May 14, 2022
Flarum Core Leaks PII Moderate
CVE-2018-19133 was published for flarum/framework (Composer) May 14, 2022
phpMyAdmin Local file inclusion through transformation feature Moderate
CVE-2018-19968 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
SimpleSAMLphp allows timing side-channel attacks Moderate
CVE-2017-12872 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2018-10890 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members Moderate
CVE-2011-4289 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page Moderate
CVE-2011-4284 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control Moderate
CVE-2011-4279 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information Moderate
CVE-2011-4283 was published for moodle/moodle (Composer) May 13, 2022
Moodle Exposes Sensitive User Information Moderate
CVE-2012-2353 was published for moodle/moodle (Composer) May 13, 2022
Moodle is vulnerable to Sensitive Information Disclosure Moderate
CVE-2013-2080 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle reveals absolute path in exception message Moderate
CVE-2013-1831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle includes the WebDAV password in the configuration form Moderate
CVE-2013-1832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2013-4522 was published for moodle/moodle (Composer) May 13, 2022
AnonySE26
Credited to AnonySE26
Moodle does not check for the moodle/course:viewhiddencourses capability Moderate
CVE-2014-0217 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle Reveals Student Information Meant To Be Anonymous Moderate
CVE-2014-0215 was published for moodle/moodle (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database