GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280 advisories
Moodle does not properly implement group-based access restrictions
Moderate
CVE-2015-5339
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to delete files
Moderate
CVE-2015-5265
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to enter additional answer attempts
Moderate
CVE-2015-5264
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Moderate
CVE-2015-3274
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2015-3275
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain manager privileges
Moderate
CVE-2015-5266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Low
CVE-2015-3178
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass file-management restrictions
Moderate
CVE-2015-3181
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course-structure information
Moderate
CVE-2015-3180
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle open redirect vulnerability
High
CVE-2015-3272
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle Arbitrary Redirect
Moderate
CVE-2015-3175
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site scripting (XSS) vulnerability
Low
CVE-2015-2273
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive personal-contact and unread-message-count information
Moderate
CVE-2015-2266
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers obtain full-name information
Moderate
CVE-2015-3176
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to obtain sensitive course information
Moderate
CVE-2015-2270
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass a forced-password-change requirement
Moderate
CVE-2015-2272
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle directory traversal vulnerability
Moderate
CVE-2015-1493
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to cause a denial of service
Moderate
CVE-2015-2268
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not set the RISK_XSS bit for graders
Low
CVE-2015-3174
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to extract archives to arbitrary directories
Moderate
CVE-2015-2267
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle does not consider the moodle/tag:flag capability
Moderate
CVE-2015-2271
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass intended login restrictions
Low
CVE-2015-3179
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle allows attackers to bypass a messaging-disabled setting
Moderate
CVE-2015-0214
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-0218
was published
for
moodle/moodle
(Composer)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API