OSV - Open Source Vulnerabilities

GHSA-fhg2-r2h9-h7q8

Packagist/moodle/moodle

Moodle IDOR when deleting OAuth2 linked accounts

3 days ago

Fix available
Severity - 5.3 (Medium)

GHSA-j822-x5gg-5r56

Packagist/moodle/moodle

Moodle allows users to retrieve information they did not have permission to access

3 days ago

Fix available
Severity - 5.3 (Medium)

GHSA-r4xr-m393-778m

Packagist/moodle/moodle

Moodle IDOR when accessing list of course badges

3 days ago

Fix available
Severity - 5.3 (Medium)

GHSA-xfv7-h2qg-rjm7

Packagist/moodle/moodle

Moodle Lesson activity password bypass through PHP loose comparison

3 days ago

Fix available
Severity - 6.3 (Medium)

GHSA-m5vv-7jxc-8p6x

Packagist/redaxo/source

Redaxo Core CMS Cross Site Scripting (XSS)

4 days ago

Fix available
Severity - 5.3 (Medium)

GHSA-p7f6-8mcm-fwv3

Packagist/statamic/cms

Statamic CMS has a Path Traversal in Asset Upload

4 days ago

Fix available
Severity - 5.3 (Medium)

GHSA-7cc9-j4mv-vcjp

Packagist/phpoffice/phpspreadsheet

XXE in PHPSpreadsheet's XLSX reader

5 days ago

Fix available
Severity - 7.5 (High)

GHSA-jw4x-v69f-hh5w

Packagist/phpoffice/phpspreadsheet

XmlScanner bypass leads to XXE

5 days ago

Fix available
Severity - 7.5 (High)

GHSA-cq5f-wv7p-5gfc

Packagist/moodle/moodle

Moodle leaks user names

5 days ago

Fix available
Severity - 4.3 (Medium)

GHSA-fjq9-452g-jg3q

Packagist/moodle/moodle

moodle: Some users can delete audiences of other reports

5 days ago

Fix available
Severity - 6.5 (Medium)

GHSA-mg54-p2wj-5ph7

Packagist/moodle/moodle

moodle: IDOR when fetching report schedules

5 days ago

Fix available
Severity - 4.3 (Medium)

GHSA-x3x9-349x-2485

Packagist/moodle/moodle

moodle: IDOR in edit/delete RSS feed

5 days ago

Fix available
Severity - 6.9 (Medium)

GHSA-8fh4-942r-jf2g

Packagist/librenms/librenms

LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php

15 Nov

Fix available
Severity - 7.5 (High)

GHSA-x645-6pf9-xwxw

Packagist/librenms/librenms

LibreNMS has an Authenticated OS Command Injection

15 Nov

Fix available
Severity - 9.1 (Critical)

GHSA-gv4m-f6fx-859x

Packagist/librenms/librenms

LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

15 Nov

Fix available
Severity - 7.5 (High)

GHSA-28p7-f6h6-3jh3

Packagist/librenms/librenms

LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php

15 Nov

Fix available
Severity - 7.5 (High)