GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
11 advisories
Rancher users who can create Projects can gain access to arbitrary projects
High
CVE-2024-22031
was published
for
github.com/rancher/rancher
(Go)
Apr 25, 2025
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
High
CVE-2025-23389
was published
for
github.com/rancher/rancher
(Go)
Feb 27, 2025
Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API
High
CVE-2025-23388
was published
for
github.com/rancher/rancher
(Go)
Feb 27, 2025
Moodle has a SQL injection risk in course search module list filter
High
CVE-2025-26533
was published
for
moodle/moodle
(Composer)
Feb 24, 2025
Improper Preservation of Permissions in xxl-job
High
CVE-2024-42681
was published
for
com.xuxueli:xxl-job-core
(Maven)
Aug 15, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
High
CVE-2024-34005
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle CSRF risk in analytics management of models
High
CVE-2024-34008
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle CSRF risk in admin preset tool management of presets
High
CVE-2024-34001
was published
for
moodle/moodle
(Composer)
May 31, 2024
Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'
High
CVE-2023-32194
was published
for
github.com/rancher/rancher
(Go)
Feb 8, 2024
Moodle Incorrect Authorization vulnerability
High
CVE-2020-14321
was published
for
moodle/moodle
(Composer)
Aug 17, 2022
ThinkAdmin directory traversal vulnerability
High
CVE-2020-25540
was published
for
zoujingli/thinkadmin
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API