GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113,777 advisories
Filter by severity
Moodle stored Cross-site Scripting
Moderate
CVE-2021-32475
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-32477
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
Moodle Bypass email verification secret when confirming account registration
Moderate
CVE-2021-20282
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle Cross-site Scripting
Moderate
CVE-2021-20186
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle Client side denial of service via personal message
Moderate
CVE-2021-20185
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle Grade information disclosure in grade's external fetch functions
Moderate
CVE-2021-20184
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle Cross-site Scripting (XSS)
Moderate
CVE-2020-25631
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle stored Cross-site Scripting (XSS)
Moderate
CVE-2020-25627
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle open redirect vulnerability
Moderate
CVE-2019-14882
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle type juggling vulnerability
Moderate
CVE-2021-40693
was published
for
moodle/moodle
(Composer)
Sep 30, 2022
Moodle Improper Encoding or Escaping of Output
Moderate
CVE-2021-40694
was published
for
moodle/moodle
(Composer)
Sep 30, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2021-40695
was published
for
moodle/moodle
(Composer)
Sep 30, 2022
Moodle Stored XSS and blind SSRF possible via SCORM track details
Moderate
CVE-2022-35651
was published
for
moodle/moodle
(Composer)
Jul 26, 2022
Moodle Glossary search displays entries without checking user permissions to view them
Moderate
CVE-2016-5012
was published
for
moodle/moodle
(Composer)
May 17, 2022
Moodle Cross-site Scripting in assignment submission page
Moderate
CVE-2017-2578
was published
for
moodle/moodle
(Composer)
May 17, 2022
Moodle Incorrect Authorization
Moderate
CVE-2021-40692
was published
for
moodle/moodle
(Composer)
Sep 30, 2022
Moodle Improper Authentication
Moderate
CVE-2021-40691
was published
for
moodle/moodle
(Composer)
Sep 30, 2022
Missing permission check in Moodle
Moderate
CVE-2021-20283
was published
for
moodle/moodle
(Composer)
May 24, 2022
Bolt Cross-site Scripting (XSS) via a title that is mishandled in the system log
Moderate
CVE-2019-15483
was published
for
bolt/bolt
(Composer)
May 24, 2022
Bolt Cross-site Scripting (XSS) via an image's alt or title field
Moderate
CVE-2019-15484
was published
for
bolt/bolt
(Composer)
May 24, 2022
Bolt Cross-site Scripting via the slug, teaser or title parameters
Moderate
CVE-2019-9553
was published
for
bolt/bolt
(Composer)
May 24, 2022
Bolt Improper Access Control
Moderate
CVE-2017-16754
was published
for
bolt/bolt
(Composer)
May 13, 2022
Bolt stored Cross-site Scripting (XSS)
Moderate
CVE-2017-11128
was published
for
bolt/bolt
(Composer)
May 17, 2022
Zend Access Restriction Bypass
Moderate
CVE-2014-8088
was published
for
zendframework/zendframework
(Composer)
May 17, 2022
zend-diactoros Cross-site Scripting (XSS)
Moderate
CVE-2015-3257
was published
for
zendframework/zend-diactoros
(Composer)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API