GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
9,975 advisories
Moodle sensitive information disclosure
Moderate | CVE-2016-0724 was published for moodle/moodle (Composer) May 13, 2022

Moodle allows attackers to discover student e-mail addresses
Moderate | CVE-2016-2151 was published for moodle/moodle (Composer) May 13, 2022

Moodle allows attackers to obtain sensitive category-detail information
Moderate | CVE-2016-2158 was published for moodle/moodle (Composer) May 13, 2022

Moodle sensitive information disclosure
Moderate | CVE-2016-3732 was published for moodle/moodle (Composer) May 13, 2022

Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to...
Moderate | Unreviewed | CVE-2016-3731 was published May 13, 2022

The web console login form in ovirt-engine before version 4.2.3 returned different errors for non...
Moderate | Unreviewed | CVE-2018-1073 was published May 13, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Undertow
Moderate | CVE-2018-14642 was published for io.undertow:undertow-core (Maven) May 13, 2022

Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an...
Low | Unreviewed | CVE-2016-9908 was published May 13, 2022

The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a...
Moderate | Unreviewed | CVE-2018-15599 was published May 13, 2022

The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x...
Moderate | Unreviewed | CVE-2014-9279 was published May 13, 2022

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0...
Moderate | Unreviewed | CVE-2015-3195 was published May 13, 2022

The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local...
Moderate | Unreviewed | CVE-2018-5953 was published May 13, 2022

Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log,...
Low | Unreviewed | CVE-2012-2531 was published May 13, 2022

Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified...
Moderate | Unreviewed | CVE-2012-2532 was published May 13, 2022

The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list...
High | Unreviewed | CVE-2017-14404 was published May 13, 2022

ActiveMQ's OpenWire protocol exposes certain system details as plain text
Low | CVE-2017-15709 was published for org.apache.activemq:activemq-openwire-generator (Maven) May 13, 2022

** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA...
Moderate | Unreviewed | CVE-2018-12433 was published May 13, 2022

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side...
Moderate | Unreviewed | CVE-2018-12438 was published May 13, 2022

languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via...
Moderate | Unreviewed | CVE-2010-4401 was published May 13, 2022

Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php...
Moderate | Unreviewed | CVE-2011-3793 was published May 13, 2022

NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to...
Moderate | Unreviewed | CVE-2014-5215 was published May 13, 2022

Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
High | Unreviewed | CVE-2018-7686 was published May 13, 2022

In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sentinel Web Interface. After...
Moderate | Unreviewed | CVE-2018-7675 was published May 13, 2022

The HTTP and WebSocket engine components in the server in Kaazing Gateway before 4.5.3 hotfix-1,...
High | Unreviewed | CVE-2017-6910 was published May 13, 2022

Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the cached data of different...
Moderate | Unreviewed | CVE-2014-2983 was published May 13, 2022