Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,269
NuGet
760
pip
4,062
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,975 advisories

Loading
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by... Moderate Unreviewed
CVE-2016-3024 was published May 13, 2022
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2016-3043 was published May 13, 2022
IBM Security Access Manager for Web could allow an unauthenticated user to gain access to... Moderate Unreviewed
CVE-2016-3023 was published May 13, 2022
IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive... Moderate Unreviewed
CVE-2016-3021 was published May 13, 2022
The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON... High Unreviewed
CVE-2015-5738 was published May 13, 2022
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an... Moderate Unreviewed
CVE-2016-9845 was published May 13, 2022
ARM Trusted Firmware-A allows information disclosure. Moderate Unreviewed
CVE-2018-19440 was published May 13, 2022
The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible, before version 4.4.1... High Unreviewed
CVE-2017-9512 was published May 13, 2022
Moodle does not recogniz configuration setting that makes e-mail addresses visible only to course members Moderate
CVE-2011-4289 was published for moodle/moodle (Composer) May 13, 2022
Moodle allows remote attackers to obtain sensitive information from myprofile block by visiting user-context page Moderate
CVE-2011-4284 was published for moodle/moodle (Composer) May 13, 2022
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled,... Moderate Unreviewed
CVE-2012-0799 was published May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control Moderate
CVE-2011-4279 was published for moodle/moodle (Composer) May 13, 2022
The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote... Moderate Unreviewed
CVE-2011-4304 was published May 13, 2022
mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 allows remote... Moderate Unreviewed
CVE-2011-4581 was published May 13, 2022
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the... Moderate Unreviewed
CVE-2012-0792 was published May 13, 2022
Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle... Moderate Unreviewed
CVE-2011-4593 was published May 13, 2022
Moodle allows remote attackers to obtain sensitive information Moderate
CVE-2011-4283 was published for moodle/moodle (Composer) May 13, 2022
Moodle Exposes Sensitive User Information Moderate
CVE-2012-2353 was published for moodle/moodle (Composer) May 13, 2022
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in... Moderate Unreviewed
CVE-2012-2357 was published May 13, 2022
The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x... Low Unreviewed
CVE-2012-0800 was published May 13, 2022
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2... Moderate Unreviewed
CVE-2012-5473 was published May 13, 2022
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not... Moderate Unreviewed
CVE-2012-4407 was published May 13, 2022
theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for... Moderate Unreviewed
CVE-2012-4403 was published May 13, 2022
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2... Moderate Unreviewed
CVE-2012-3394 was published May 13, 2022
Moodle's login_as feature leaks information from external repositories Low
CVE-2013-1835 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database