Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

113,777 advisories

Loading
Moodle stored Cross-site Scripting Moderate
CVE-2021-32475 was published for moodle/moodle (Composer) Mar 12, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-32477 was published for moodle/moodle (Composer) Mar 12, 2022
Moodle Bypass email verification secret when confirming account registration Moderate
CVE-2021-20282 was published for moodle/moodle (Composer) May 24, 2022
Moodle Cross-site Scripting Moderate
CVE-2021-20186 was published for moodle/moodle (Composer) May 24, 2022
Moodle Client side denial of service via personal message Moderate
CVE-2021-20185 was published for moodle/moodle (Composer) May 24, 2022
Moodle Grade information disclosure in grade's external fetch functions Moderate
CVE-2021-20184 was published for moodle/moodle (Composer) May 24, 2022
Moodle Cross-site Scripting (XSS) Moderate
CVE-2020-25631 was published for moodle/moodle (Composer) May 24, 2022
Moodle stored Cross-site Scripting (XSS) Moderate
CVE-2020-25627 was published for moodle/moodle (Composer) May 24, 2022
Moodle open redirect vulnerability Moderate
CVE-2019-14882 was published for moodle/moodle (Composer) May 24, 2022
Moodle type juggling vulnerability Moderate
CVE-2021-40693 was published for moodle/moodle (Composer) Sep 30, 2022
Moodle Improper Encoding or Escaping of Output Moderate
CVE-2021-40694 was published for moodle/moodle (Composer) Sep 30, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2021-40695 was published for moodle/moodle (Composer) Sep 30, 2022
Moodle Stored XSS and blind SSRF possible via SCORM track details Moderate
CVE-2022-35651 was published for moodle/moodle (Composer) Jul 26, 2022
Moodle Glossary search displays entries without checking user permissions to view them Moderate
CVE-2016-5012 was published for moodle/moodle (Composer) May 17, 2022
Moodle Cross-site Scripting in assignment submission page Moderate
CVE-2017-2578 was published for moodle/moodle (Composer) May 17, 2022
Moodle Incorrect Authorization Moderate
CVE-2021-40692 was published for moodle/moodle (Composer) Sep 30, 2022
Moodle Improper Authentication Moderate
CVE-2021-40691 was published for moodle/moodle (Composer) Sep 30, 2022
Missing permission check in Moodle Moderate
CVE-2021-20283 was published for moodle/moodle (Composer) May 24, 2022
Bolt Cross-site Scripting (XSS) via a title that is mishandled in the system log Moderate
CVE-2019-15483 was published for bolt/bolt (Composer) May 24, 2022
Bolt Cross-site Scripting (XSS) via an image's alt or title field Moderate
CVE-2019-15484 was published for bolt/bolt (Composer) May 24, 2022
Bolt Cross-site Scripting via the slug, teaser or title parameters Moderate
CVE-2019-9553 was published for bolt/bolt (Composer) May 24, 2022
Bolt Improper Access Control Moderate
CVE-2017-16754 was published for bolt/bolt (Composer) May 13, 2022
Bolt stored Cross-site Scripting (XSS) Moderate
CVE-2017-11128 was published for bolt/bolt (Composer) May 17, 2022
Zend Access Restriction Bypass Moderate
CVE-2014-8088 was published for zendframework/zendframework (Composer) May 17, 2022
zend-diactoros Cross-site Scripting (XSS) Moderate
CVE-2015-3257 was published for zendframework/zend-diactoros (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database