Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-fhg2-r2h9-h7q8
  • Packagist/moodle/moodle
Moodle IDOR when deleting OAuth2 linked accounts 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-j822-x5gg-5r56
  • Packagist/moodle/moodle
Moodle allows users to retrieve information they did not have permission to access 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-r4xr-m393-778m
  • Packagist/moodle/moodle
Moodle IDOR when accessing list of course badges 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-xfv7-h2qg-rjm7
  • Packagist/moodle/moodle
Moodle Lesson activity password bypass through PHP loose comparison 3 days ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-m5vv-7jxc-8p6x
  • Packagist/redaxo/source
Redaxo Core CMS Cross Site Scripting (XSS) 4 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-p7f6-8mcm-fwv3
  • Packagist/statamic/cms
Statamic CMS has a Path Traversal in Asset Upload 4 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-7cc9-j4mv-vcjp
  • Packagist/phpoffice/phpspreadsheet
XXE in PHPSpreadsheet's XLSX reader 5 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-jw4x-v69f-hh5w
  • Packagist/phpoffice/phpspreadsheet
XmlScanner bypass leads to XXE 5 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-cq5f-wv7p-5gfc
  • Packagist/moodle/moodle
Moodle leaks user names 5 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-fjq9-452g-jg3q
  • Packagist/moodle/moodle
moodle: Some users can delete audiences of other reports 5 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-mg54-p2wj-5ph7
  • Packagist/moodle/moodle
moodle: IDOR when fetching report schedules 5 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-x3x9-349x-2485
  • Packagist/moodle/moodle
moodle: IDOR in edit/delete RSS feed 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-8fh4-942r-jf2g
  • Packagist/librenms/librenms
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php 15 Nov
  • Fix available
  • Severity - 7.5 (High)
GHSA-x645-6pf9-xwxw
  • Packagist/librenms/librenms
LibreNMS has an Authenticated OS Command Injection 15 Nov
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-gv4m-f6fx-859x
  • Packagist/librenms/librenms
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php 15 Nov
  • Fix available
  • Severity - 7.5 (High)
GHSA-28p7-f6h6-3jh3
  • Packagist/librenms/librenms
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php 15 Nov
  • Fix available
  • Severity - 7.5 (High)