GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
281 advisories
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-0218
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to upload files containing JavaScript
Low
CVE-2014-7835
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2014-7836
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Temporary Passwords are Brute Force-able
High
CVE-2014-7845
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2014-7847
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attacks to obtain sensitive information
Moderate
CVE-2014-7848
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to remove wiki pages
Moderate
CVE-2014-7837
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2015-0217
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Low
CVE-2015-0212
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not consider the moodle/tag:edit capability before adding a tag
Moderate
CVE-2014-7846
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not provide charset information in HTTP headers
Moderate
CVE-2014-9059
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive information
Moderate
CVE-2015-0211
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive calendar-event information
Moderate
CVE-2015-0215
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2015-0213
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to trigger the generation of arbitrary messages
Moderate
CVE-2014-9060
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module
Moderate
CVE-2014-7838
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows discovery of an author's username
Moderate
CVE-2014-3617
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Low
CVE-2014-3551
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Low
CVE-2014-7830
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not verify group permissions
Moderate
CVE-2014-7834
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle exposes hidden grades to students
Moderate
CVE-2014-7831
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass the mod/lti:view capability requirement
Moderate
CVE-2014-7832
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2014-3548
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not enforce the moodle/site:accessallgroups capability requirement
Moderate
CVE-2014-3553
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive information
Moderate
CVE-2014-7833
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API