GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
171 advisories
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-5335
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to enter additional answer attempts
Moderate
CVE-2015-5264
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain manager privileges
Moderate
CVE-2015-5266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2015-3275
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle mishandles group-based authorization checks
Moderate
CVE-2015-5268
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Moderate
CVE-2015-5269
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not properly implement group-based access restrictions
Moderate
CVE-2015-5339
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2015-5336
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass file-management restrictions
Moderate
CVE-2015-3181
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course-structure information
Moderate
CVE-2015-3180
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Arbitrary Redirect
Moderate
CVE-2015-3175
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass a forced-password-change requirement
Moderate
CVE-2015-2272
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive personal-contact and unread-message-count information
Moderate
CVE-2015-2266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to extract archives to arbitrary directories
Moderate
CVE-2015-2267
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers obtain full-name information
Moderate
CVE-2015-3176
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle directory traversal vulnerability
Moderate
CVE-2015-1493
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not consider the moodle/tag:flag capability
Moderate
CVE-2015-2271
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course information
Moderate
CVE-2015-2270
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2015-2268
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass a messaging-disabled setting
Moderate
CVE-2015-0214
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-0218
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive calendar-event information
Moderate
CVE-2015-0215
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not provide charset information in HTTP headers
Moderate
CVE-2014-9059
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2015-0213
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive information
Moderate
CVE-2015-0211
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API