Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,263
NuGet
760
pip
4,058
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,773 advisories

Loading
Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members Moderate
CVE-2011-4289 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page Moderate
CVE-2011-4284 was published for moodle/moodle (Composer) May 13, 2022
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled,... Moderate Unreviewed
CVE-2012-0799 was published May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control Moderate
CVE-2011-4279 was published for moodle/moodle (Composer) May 13, 2022
The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote... Moderate Unreviewed
CVE-2011-4304 was published May 13, 2022
mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 allows remote... Moderate Unreviewed
CVE-2011-4581 was published May 13, 2022
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the... Moderate Unreviewed
CVE-2012-0792 was published May 13, 2022
Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle... Moderate Unreviewed
CVE-2011-4593 was published May 13, 2022
Moodle allows remote attackers to obtain sensitive information Moderate
CVE-2011-4283 was published for moodle/moodle (Composer) May 13, 2022
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in... Moderate Unreviewed
CVE-2012-2357 was published May 13, 2022
Moodle Exposes Sensitive User Information Moderate
CVE-2012-2353 was published for moodle/moodle (Composer) May 13, 2022
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2... Moderate Unreviewed
CVE-2012-5473 was published May 13, 2022
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2... Moderate Unreviewed
CVE-2012-3394 was published May 13, 2022
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not... Moderate Unreviewed
CVE-2012-4407 was published May 13, 2022
theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for... Moderate Unreviewed
CVE-2012-4403 was published May 13, 2022
Moodle is vulnerable to Sensitive Information Disclosure Moderate
CVE-2013-2080 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x... Moderate Unreviewed
CVE-2012-6105 was published May 13, 2022
Moodle includes the WebDAV password in the configuration form Moderate
CVE-2013-1832 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
Moodle reveals absolute path in exception message Moderate
CVE-2013-1831 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability... Moderate Unreviewed
CVE-2013-1829 was published May 13, 2022
blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows... Moderate Unreviewed
CVE-2012-6104 was published May 13, 2022
Moodle vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2013-4522 was published for moodle/moodle (Composer) May 13, 2022
AnonySE26
Credited to AnonySE26
mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4... Moderate Unreviewed
CVE-2013-2243 was published May 13, 2022
Moodle Reveals Student Information Meant To Be Anonymous Moderate
CVE-2014-0215 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not check for the moodle/course:viewhiddencourses capability Moderate
CVE-2014-0217 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database