GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
234 advisories
Filter by severity
Flarum Core Leaks PII
Moderate
CVE-2018-19133
was published
for
flarum/framework
(Composer)
May 14, 2022
phpMyAdmin Local file inclusion through transformation feature
Moderate
CVE-2018-19968
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 14, 2022
SimpleSAMLphp allows timing side-channel attacks
Moderate
CVE-2017-12872
was published
for
simplesamlphp/simplesamlphp
(Composer)
May 14, 2022
Anchor CMS Logs Credentials
Critical
CVE-2018-7251
was published
for
anchorcms/anchor-cms
(Composer)
May 13, 2022
Moodle Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2018-10890
was published
for
moodle/moodle
(Composer)
May 13, 2022
October CMS Local File Inclusion
High
CVE-2018-1999009
was published
for
october/october
(Composer)
May 13, 2022
Moodle Exposes Sensitive User Information
Moderate
CVE-2012-2353
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle's login_as feature leaks information from external repositories
Low
CVE-2013-1835
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle is vulnerable to Sensitive Information Disclosure
Moderate
CVE-2013-2080
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle reveals absolute path in exception message
Moderate
CVE-2013-1831
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle includes the WebDAV password in the configuration form
Moderate
CVE-2013-1832
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Reveals Student Information Meant To Be Anonymous
Moderate
CVE-2014-0215
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not check for the moodle/course:viewhiddencourses capability
Moderate
CVE-2014-0217
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Information Disclosure
Moderate
CVE-2017-7531
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle sensitive information disclosure
Moderate
CVE-2015-5340
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle uses predictable password-recovery tokens
High
CVE-2015-5267
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course-structure information
Moderate
CVE-2015-3180
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers obtain full-name information
Moderate
CVE-2015-3176
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive personal-contact and unread-message-count information
Moderate
CVE-2015-2266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attacks to obtain sensitive information
Moderate
CVE-2014-7848
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive calendar-event information
Moderate
CVE-2015-0215
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive information
Moderate
CVE-2015-0211
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive information
Moderate
CVE-2014-7833
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle exposes hidden grades to students
Moderate
CVE-2014-7831
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle sensitive information disclosure
Moderate
CVE-2016-5014
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API