GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
35 advisories
Cross-site scripting in ThinkAdmin
Moderate
CVE-2020-29315
was published
for
zoujingli/thinkadmin
(Composer)
May 6, 2021
Use after free in actix-service
Moderate
CVE-2020-35899
was published
for
actix-service
(Rust)
Aug 25, 2021
Use after free in actix-utils
Critical
CVE-2020-35898
was published
for
actix-utils
(Rust)
Aug 25, 2021
Use-after-free in actix-codec
Critical
CVE-2020-35902
was published
for
actix-codec
(Rust)
Aug 25, 2021
Moodle vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2013-4522
was published
for
moodle/moodle
(Composer)
May 13, 2022
ThinkAdmin directory traversal vulnerability
High
CVE-2020-25540
was published
for
zoujingli/thinkadmin
(Composer)
May 24, 2022
ThinkAdmin insecure unserialize vulnerability
Critical
CVE-2020-23653
was published
for
zoujingli/thinkadmin
(Composer)
May 24, 2022
Moodle Incorrect Authorization vulnerability
High
CVE-2020-14321
was published
for
moodle/moodle
(Composer)
Aug 17, 2022
Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'
High
CVE-2023-32194
was published
for
github.com/rancher/rancher
(Go)
Feb 8, 2024
Elasticsearch Uncaught Exception leading to crash
Moderate
CVE-2024-23449
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 29, 2024
Xuxueli xxl-job template injection vulnerability
Low
CVE-2024-3366
was published
for
com.xuxueli:xxl-job-core
(Maven)
Apr 6, 2024
Moodle Cross-site Scripting (XSS)
Moderate
CVE-2024-33998
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle stored Cross-site Scripting (XSS)
Moderate
CVE-2024-33997
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle Cross-site Scripting (XSS)
Moderate
CVE-2024-34000
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle CSRF risk in admin preset tool management of presets
High
CVE-2024-34001
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
High
CVE-2024-34005
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle CSRF risk in analytics management of models
High
CVE-2024-34008
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle Unsanitized HTML in site log for config_log_created
Moderate
CVE-2024-34006
was published
for
moodle/moodle
(Composer)
May 31, 2024
Improper Preservation of Permissions in xxl-job
High
CVE-2024-42681
was published
for
com.xuxueli:xxl-job-core
(Maven)
Aug 15, 2024
Moodle has a SQL injection risk in course search module list filter
High
CVE-2025-26533
was published
for
moodle/moodle
(Composer)
Feb 24, 2025
Rancher's SAML-based login via CLI can be denied by unauthenticated users
Moderate
CVE-2025-23387
was published
for
github.com/rancher/rancher
(Go)
Feb 27, 2025
Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API
High
CVE-2025-23388
was published
for
github.com/rancher/rancher
(Go)
Feb 27, 2025
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
High
CVE-2025-23389
was published
for
github.com/rancher/rancher
(Go)
Feb 27, 2025
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-42512
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Mar 3, 2025
ProTip!
Advisories are also available from the
GraphQL API