Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+

188 advisories

Loading
Moodle Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2018-10890 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members Moderate
CVE-2011-4289 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page Moderate
CVE-2011-4284 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control Moderate
CVE-2011-4279 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information Moderate
CVE-2011-4283 was published for moodle/moodle (Composer) May 13, 2022
Moodle Exposes Sensitive User Information Moderate
CVE-2012-2353 was published for moodle/moodle (Composer) May 13, 2022
Moodle is vulnerable to Sensitive Information Disclosure Moderate
CVE-2013-2080 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle reveals absolute path in exception message Moderate
CVE-2013-1831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle includes the WebDAV password in the configuration form Moderate
CVE-2013-1832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2013-4522 was published for moodle/moodle (Composer) May 13, 2022
AnonySE26 Credited to AnonySE26
Moodle Reveals Student Information Meant To Be Anonymous Moderate
CVE-2014-0215 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not check for the moodle/course:viewhiddencourses capability Moderate
CVE-2014-0217 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle Information Disclosure Moderate
CVE-2017-7531 was published for moodle/moodle (Composer) May 13, 2022
Moodle sensitive information disclosure Moderate
CVE-2015-5340 was published for moodle/moodle (Composer) May 13, 2022
decsecre583 Credited to decsecre583
Moodle allows attackers to obtain sensitive course-structure information Moderate
CVE-2015-3180 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle allows attackers obtain full-name information Moderate
CVE-2015-3176 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle allows attackers to obtain sensitive personal-contact and unread-message-count information Moderate
CVE-2015-2266 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle allows attacks to obtain sensitive information Moderate
CVE-2014-7848 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle allows attackers to obtain sensitive calendar-event information Moderate
CVE-2015-0215 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2015-0211 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle exposes hidden grades to students Moderate
CVE-2014-7831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle allows attackers to obtain sensitive information Moderate
CVE-2014-7833 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-5014 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to read arbitrary files Moderate
CVE-2014-3542 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
Moodle sensitive information disclosure Moderate
CVE-2016-0724 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131 Credited to MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database