Linux Distros Unpatched Vulnerability : CVE-2021-20280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVE-2022-20280

In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Cisco UCS Central Software Configuration Backup Information Disclosure (cisco-sa-ucsc-bkpsky-TgJ5f73J)

According to its self-reported version, Cisco UCS Central Software Configuration Backup Information Disclosure is affected by a vulnerability. - A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with access to a backup file to learn sensitive information...

Moodle 3.8.x < 3.8.8 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.5.x prior to 3.5.17, 3.8.x prior to 3.8.8, 3.9.x prior to 3.9.5 or 3.10.x prior to 3.10.2. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability attack due to the lack of sanitization of th...

CVE-2022-20280

In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20280

CVE-2022-20280 affects Android 13, specifically the MMSProvider component. The issue is described as an SQL injection vulnerability caused by improper input validation that permits reading protected data, potentially exposing short message service (SMS) and multimedia message service (MMS) data. ...

Fedora: Security Advisory for moodle (FEDORA-2021-50f63a0161)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 33 : moodle (2021-431b232659)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-431b232659 advisory. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

Moodle < 3.5.17, 3.8.x < 3.8.8, 3.9.x < 3.9.5, 3.10.x < 3.10.2 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

CVE-2021-20280

creationtimestamp| type| source ---|---|--- 2021-03-16 01:29:29+00:00| seen| https://t.me/cibsecurity/24935...

CVE-2021-20280

Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVE-2021-20280

CVE-2021-20280 affects Moodle before versions 3.10.2, 3.9.5, 3.8.8, and 3.5.17. The issue is due to insufficient sanitization of text-based feedback answers, leading to stored XSS and blind SSRF risks. Several connected sources reiterate the same description and tie the vulnerability to moodle’s ...

CVE-2019-20280

CVE-2019-20280 is rejected/not used and does not represent an active vulnerability entry.

CVE-2019-20280

...