GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
98 advisories
Moodle allows attackers to bypass file-management restrictions
Moderate
CVE-2015-3181
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course-structure information
Moderate
CVE-2015-3180
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass a forced-password-change requirement
Moderate
CVE-2015-2272
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive personal-contact and unread-message-count information
Moderate
CVE-2015-2266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers obtain full-name information
Moderate
CVE-2015-3176
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course information
Moderate
CVE-2015-2270
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle directory traversal vulnerability
Moderate
CVE-2015-1493
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not consider the moodle/tag:flag capability
Moderate
CVE-2015-2271
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2015-2268
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to extract archives to arbitrary directories
Moderate
CVE-2015-2267
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass a messaging-disabled setting
Moderate
CVE-2015-0214
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-0218
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2014-7836
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive information
Moderate
CVE-2015-0211
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive calendar-event information
Moderate
CVE-2015-0215
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not provide charset information in HTTP headers
Moderate
CVE-2014-9059
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not consider the moodle/tag:edit capability before adding a tag
Moderate
CVE-2014-7846
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to remove wiki pages
Moderate
CVE-2014-7837
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attacks to obtain sensitive information
Moderate
CVE-2014-7848
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2014-7847
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to trigger the generation of arbitrary messages
Moderate
CVE-2014-9060
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2015-0217
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2015-0213
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module
Moderate
CVE-2014-7838
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows discovery of an author's username
Moderate
CVE-2014-3617
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API