GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280 advisories
Moodle cross-site scripting (XSS) vulnerability
Low
CVE-2015-3178
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass intended login restrictions
Low
CVE-2015-3179
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course-structure information
Moderate
CVE-2015-3180
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass file-management restrictions
Moderate
CVE-2015-3181
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle open redirect vulnerability
High
CVE-2015-3272
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Moderate
CVE-2015-3274
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2015-3275
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to enter additional answer attempts
Moderate
CVE-2015-5264
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to delete files
Moderate
CVE-2015-5265
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain manager privileges
Moderate
CVE-2015-5266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle sensitive information disclosure
Moderate
CVE-2016-0724
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Reflected XSS in mod_data advanced search
Moderate
CVE-2016-2153
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle sensitive information disclosure
Moderate
CVE-2016-2190
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Cross-site request forgery (CSRF) vulnerability
High
CVE-2016-3734
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle XML import of ddwtos could lead to intentional remote code execution
High
CVE-2018-14630
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Open Redirect Vulnerability
Moderate
CVE-2019-10133
was published
for
moodle/moodle
(Composer)
May 24, 2022
Moodle uses predictable password-recovery tokens
High
CVE-2015-5267
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle XSS Vulnerability
Moderate
CVE-2019-3847
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Users could elevate their role when accessing the LTI tool on a provider site
High
CVE-2019-3849
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Stored HTML in assignment submission comments allowed links to be opened directly
Moderate
CVE-2019-3850
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Secure layout contained an insecure link in Boost theme
Moderate
CVE-2019-3851
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle mishandles group-based authorization checks
Moderate
CVE-2015-5268
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Moderate
CVE-2015-5269
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-5335
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2015-5336
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API