Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,632 advisories

Loading
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text Low
CVE-2019-10291 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text Low
CVE-2019-10297 was published for org.jenkins-ci.plugins:sametime (Maven) May 13, 2022
Jenkins Serena SRA Deploy Plugin stores credentials in plain text Low
CVE-2019-10296 was published for com.urbancode.ds.jenkins.plugins:sra-deploy (Maven) May 13, 2022
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text Low
CVE-2019-10281 was published for org.jenkins-ci.plugins:relution-publisher (Maven) May 13, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2011-4282 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-Site Scripting Low
CVE-2011-4299 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1614 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1619 was published for moodle/moodle (Composer) May 13, 2022
Moodle doesn't properly check role Low
CVE-2010-1617 was published for moodle/moodle (Composer) May 13, 2022
Moodle's login_as feature leaks information from external repositories Low
CVE-2013-1835 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module Low
CVE-2013-1833 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2014-2571 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle does not set the RISK_XSS bit for graders Low
CVE-2015-0216 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2015-3178 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle allows attackers to bypass intended login restrictions Low
CVE-2015-3179 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle does not set the RISK_XSS bit for graders Low
CVE-2015-3174 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2015-2273 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle XSS Vulnerability Low
CVE-2015-2269 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle allows attackers to upload files containing JavaScript Low
CVE-2014-7835 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2015-0212 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle multiple cross-site scripting (XSS) vulnerabilities Low
CVE-2014-3551 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2014-7830 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle cross-site scripting (XSS) vulnerability Low
CVE-2014-3544 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
ActiveMQ's OpenWire protocol exposes certain system details as plain text Low
CVE-2017-15709 was published for org.apache.activemq:activemq-openwire-generator (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
OpenStack Horizon Cross-site scripting (XSS) vulnerability Low
CVE-2014-3474 was published for horizon (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database