GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
174 advisories
Moodle XSS from profile fields from external db
Moderate. CVE-2016-2152 was published for moodle/moodle (Composer) on May 13, 2022
Moodle sensitive information disclosure
Moderate. CVE-2016-0724 was published for moodle/moodle (Composer) on May 13, 2022
Moodle provides calendar-event data without considering whether an activity is hidden
Moderate. CVE-2016-2156 was published for moodle/moodle (Composer) on May 13, 2022
Moodle allows attackers to discover hidden course names
Moderate. CVE-2016-2154 was published for moodle/moodle (Composer) on May 13, 2022
Moodle External function mod_assign_save_submission does not check due dates
Moderate. CVE-2016-2159 was published for moodle/moodle (Composer) on May 13, 2022
Moodle Improper Access Control
Moderate. CVE-2016-3733 was published for moodle/moodle (Composer) on May 13, 2022
Moodle allows attackers to obtain sensitive category-detail information
Moderate. CVE-2016-2158 was published for moodle/moodle (Composer) on May 13, 2022
Insufficient Verification of Data Authenticity in Async Http Client
Moderate. CVE-2013-7398 was published for com.ning:async-http-client (Maven) on May 13, 2022
Insufficient Verification of Data Authenticity in Async Http Client
Moderate. CVE-2013-7397 was published for com.ning:async-http-client (Maven) on May 13, 2022
Uncontrolled Resource Consumption in Apache Commons Compress
Moderate. CVE-2012-2098 was published for org.apache.commons:commons-compress (Maven) on May 13, 2022
spring-integration-zip Arbitrary File Write
Moderate. CVE-2018-1263 was published for org.springframework.integration:spring-integration-zip (Maven) on May 13, 2022
Inefficient Algorithmic Complexity in Apache Santuario XML Security
Moderate. CVE-2013-2172 was published for org.apache.santuario:xmlsec (Maven) on May 13, 2022
Improper Input Validation in Apache Santuario XML Security
Moderate. CVE-2014-8152 was published for org.apache.santuario:xmlsec (Maven) on May 13, 2022
Improper Input Validation in Apache Santuario XML Security
Moderate. CVE-2013-4517 was published for org.apache.santuario:xmlsec (Maven) on May 13, 2022
Moodle XSS Vulnerability
Moderate. CVE-2019-3847 was published for moodle/moodle (Composer) on May 13, 2022
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode
Moderate. CVE-2012-0394 was published for org.apache.struts.xwork:xwork-core (Maven) on May 4, 2022
Apache Struts's ParameterInterceptor component does not prevent access to public constructors
Moderate. CVE-2012-0393 was published for org.apache.struts.xwork:xwork-core (Maven) on May 4, 2022
Denial of Service in Apache Tomcat
Moderate. CVE-2012-0022 was published for org.apache.tomcat:tomcat (Maven) on May 4, 2022
Apache Tomcat affected by vulnerability in TLS and SSL protocol
Moderate. CVE-2009-3555 was published for org.apache.tomcat:tomcat (Maven) on May 2, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat
Moderate. CVE-2009-2902 was published for org.apache.tomcat:tomcat (Maven) on May 2, 2022
Improper Authentication in Apache Tomcat
Moderate. CVE-2009-2901 was published for org.apache.tomcat:tomcat (Maven) on May 2, 2022
Apache Tomcat Directory Traversal vulnerability
Moderate. CVE-2009-2693 was published for org.apache.tomcat:tomcat (Maven) on May 2, 2022
Apache Geronimo Application Server CSRF vulnerabilities
Moderate. CVE-2009-0039 was published for org.apache.geronimo.plugins:console (Maven) on May 2, 2022
Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities
Moderate. CVE-2009-0038 was published for org.apache.geronimo.plugins:console (Maven) on May 2, 2022
Apache Tomcat Directory Traversal vulnerability
Moderate. CVE-2008-2938 was published for org.apache.tomcat:tomcat (Maven) on May 1, 2022
ProTip! Advisories are also available from the GraphQL API.