Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,478 advisories

Loading
Moodle's feedback response viewing and deletions did not respect Separate Groups mode Moderate
CVE-2025-26526 was published for moodle/moodle (Composer) Feb 24, 2025
Moodle has an IDOR in badges allows disabling of arbitrary badges Low
CVE-2025-26531 was published for moodle/moodle (Composer) Feb 24, 2025
Moodle allows teachers to evade trusttext config when restoring glossary entries Low
CVE-2025-26532 was published for moodle/moodle (Composer) Feb 24, 2025
Mattermost fails to restrict channel export of archived channels Moderate
CVE-2025-24526 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 24, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an... Moderate Unreviewed
CVE-2024-45081 was published Feb 19, 2025
Directus allows updates to non-allowed fields due to overlapping policies Moderate
CVE-2025-27089 was published for @directus/api (npm) Feb 19, 2025
hanneskuettner
Instaclustr Cassandra-Lucene-Index allows bypass of Cassandra RBAC High
CVE-2025-26511 was published for com.instaclustr:cassandra-lucene-index-plugin (Maven) Feb 13, 2025
jfleming-ic
The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain... Moderate Unreviewed
CVE-2025-24872 was published Feb 11, 2025
Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions Moderate
CVE-2025-24860 was published for org.apache.cassandra:cassandra-all (Maven) Feb 4, 2025
ProTip! Advisories are also available from the GraphQL API