Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

107,834 advisories

Loading
A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports,... Moderate Unreviewed
CVE-2024-43429 was published Nov 11, 2024
A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during... Moderate Unreviewed
CVE-2024-43432 was published Nov 11, 2024
A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and... Moderate Unreviewed
CVE-2024-43433 was published Nov 11, 2024
A flaw was found in moodle. External API access to Quiz can override contained insufficient... Moderate Unreviewed
CVE-2024-43430 was published Nov 11, 2024
Arbitrary file overwrite during recovery due to improper soft link handling. The following... Moderate Unreviewed
CVE-2024-34014 was published Nov 11, 2024
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5... Moderate Unreviewed
CVE-2024-11070 was published Nov 11, 2024
A flaw was found in moodle. Insufficient capability checks make it possible for users with access... Moderate Unreviewed
CVE-2024-43435 was published Nov 11, 2024
A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could... Moderate Unreviewed
CVE-2024-43437 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52352 was published Nov 11, 2024
Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing... Moderate Unreviewed
CVE-2024-11019 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52353 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52350 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52351 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52354 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52355 was published Nov 11, 2024
Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with... Moderate Unreviewed
CVE-2024-11021 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52356 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52358 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52357 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51575 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51574 was published Nov 11, 2024
Authenticated users can upload specifically crafted files to leak server resources. This behavior... Moderate Unreviewed
CVE-2024-38826 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51573 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51571 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51572 was published Nov 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database