Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,767
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,415 advisories

Loading
Gitea Arbitrary File Delete Vulnerability Moderate
CVE-2019-1000002 was published for code.gitea.io/gitea (Go) May 13, 2022
Contao Information Disclosure via Access Control Flaws Moderate
CVE-2018-20028 was published for contao/contao (Composer) May 13, 2022
Improper Access Control in Telerik Extensions Moderate
CVE-2018-17060 was published for TelerikMvcExtensions (NuGet) May 13, 2022
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to... Moderate Unreviewed
CVE-2015-4902 was published May 13, 2022
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and... Moderate Unreviewed
CVE-2019-6538 was published May 13, 2022
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by... Moderate Unreviewed
CVE-2018-16838 was published May 13, 2022
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16... Moderate Unreviewed
CVE-2016-2167 was published May 13, 2022
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to... Moderate Unreviewed
CVE-2016-3020 was published May 13, 2022
Moodle does not use the forceloginforprofiles setting for course-profiles access control Moderate
CVE-2011-4279 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not properly restrict access to category and course data Moderate
CVE-2011-4300 was published for moodle/moodle (Composer) May 13, 2022
Moodle is vulnerable to unauthorized new accounts creation Moderate
CVE-2010-1616 was published for moodle/moodle (Composer) May 13, 2022
Moodle does not consider "don't send" attributes during hub registration Moderate
CVE-2013-2081 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows remote authenticated users to reassign notes Moderate
CVE-2013-1834 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle does not enforce the forceloginforprofiles setting Moderate
CVE-2013-1830 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle allows attackers to extract archives to arbitrary directories Moderate
CVE-2015-2267 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services. Moderate Unreviewed
CVE-2016-8643 was published May 13, 2022
Moodle Unauthenticated Access Moderate
CVE-2016-8642 was published for moodle/moodle (Composer) May 13, 2022
Moodle Improper Access Control Moderate
CVE-2016-3729 was published for moodle/moodle (Composer) May 13, 2022
Moodle Improper Access Control Moderate
CVE-2016-3733 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle External function mod_assign_save_submission does not check due dates Moderate
CVE-2016-2159 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Improper Access Control in Apache CXF Moderate
CVE-2015-5253 was published for org.apache.cxf:cxf-rt-rs-security-sso-saml (Maven) May 13, 2022
sunSUNQ
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016... Moderate Unreviewed
CVE-2016-3366 was published May 13, 2022
Improper Access Control in Apache Derby Moderate
CVE-2018-1313 was published for org.apache.derby:derby (Maven) May 13, 2022
Improper Access Control in wp-graphql Moderate
CVE-2019-25060 was published for wp-graphql/wp-graphql (Composer) May 10, 2022
Jenkins allows Remote Users to Build Arbitrary Jobs Moderate
CVE-2013-0330 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database