Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4,238 advisories

Loading
Moodle IDOR when accessing list of course badges Moderate
CVE-2024-48899 was published for moodle/moodle (Composer) Nov 20, 2024
Moodle Lesson activity password bypass through PHP loose comparison Moderate
CVE-2024-45691 was published for moodle/moodle (Composer) Nov 20, 2024
Moodle allows users to retrieve information they did not have permission to access Moderate
CVE-2024-45689 was published for moodle/moodle (Composer) Nov 20, 2024
Moodle IDOR when deleting OAuth2 linked accounts Moderate
CVE-2024-45690 was published for moodle/moodle (Composer) Nov 20, 2024
Redaxo Core CMS Cross Site Scripting (XSS) Moderate
CVE-2024-50803 was published for redaxo/source (Composer) Nov 19, 2024
Statamic CMS has a Path Traversal in Asset Upload Moderate
CVE-2024-52600 was published for statamic/cms (Composer) Nov 19, 2024
SamSchroderBSG
XXE in PHPSpreadsheet's XLSX reader High
CVE-2024-48917 was published for phpoffice/phpspreadsheet (Composer) Nov 18, 2024
antoniospataro Antonio-R1
XmlScanner bypass leads to XXE High
CVE-2024-47873 was published for phpoffice/phpspreadsheet (Composer) Nov 18, 2024
Antonio-R1 antoniospataro
Moodle leaks user names Moderate
CVE-2024-48896 was published for moodle/moodle (Composer) Nov 18, 2024
moodle: Some users can delete audiences of other reports Moderate
CVE-2024-48898 was published for moodle/moodle (Composer) Nov 18, 2024
moodle: IDOR in edit/delete RSS feed Moderate
CVE-2024-48897 was published for moodle/moodle (Composer) Nov 18, 2024
moodle: IDOR when fetching report schedules Moderate
CVE-2024-48901 was published for moodle/moodle (Composer) Nov 18, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php High
CVE-2024-52526 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has an Authenticated OS Command Injection Critical
CVE-2024-51092 was published for librenms/librenms (Composer) Nov 15, 2024
mallo-m
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php High
CVE-2024-51497 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php High
CVE-2024-51496 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php High
CVE-2024-51495 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php High
CVE-2024-51494 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints High
CVE-2024-50355 was published for librenms/librenms (Composer) Nov 15, 2024
minhnq1618
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php High
CVE-2024-50352 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php High
CVE-2024-50351 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php High
CVE-2024-50350 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php High
CVE-2024-49764 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php High
CVE-2024-49759 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS
LibreNMS has a stored XSS in ExamplePlugin with Device's Notes Moderate
CVE-2024-49758 was published for librenms/librenms (Composer) Nov 15, 2024
minhnq1618
ProTip! Advisories are also available from the GraphQL API