365 matches found
EUVD-2017-3115
Malware in sbrugna...
EUVD-2019-17680
Malware in sbrugna...
EUVD-2024-0560
Malicious code in bioql PyPI...
Citrix Applayering - Adding new language packs to the OS layer
When attempting to add Language packs to an existing OS layer using lpksetup.exe, administrators may notice that the newly added language packs are not available in the published image. NOTE: The following note in the product documentation is out dated and is no longer applicable for App layering...
November 12, 2024—KB5046661 (Monthly Rollup)
November 12, 2024—KB5046661 Monthly Rollup End of support information Windows Server 2008 SP2 Extended Security Updates ESU third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information, see Extended...
October 8, 2024-Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5044086)
October 8, 2024-Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5044086 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2 REMINDER Windows Server 2008 R2 SP1 have...
August 13, 2024-Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5042354)
August 13, 2024-Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5042354 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framewo...
May 14, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5038291)
May 14, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5038291 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2 REMINDER Windows Server 2008 R2 SP1 have...
April 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5037127)
April 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5037127 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...
Cross-Site Request Forgery (CSRF)
moodle/moodle is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to the link to update all installed language packs not including a necessary CSRF token. An attacker can exploit this vulnerability by tricking a user into clicking on a crafted link or navigating to a...
BIT-MOODLE-2024-25982 Msa-24-0005: csrf risk in language import utility
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
GHSA-7PJP-FM93-P6PJ Cross-Site Request Forgery in moodle
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
Cross-Site Request Forgery in moodle
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
CVE-2024-25982
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
Cross site request forgery (csrf)
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
UBUNTU-CVE-2024-25982
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
CVE-2024-25982
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
CVE-2024-25982
CVE-2024-25982 corresponds to a CSRF risk in Moodle where the update-link for language packs did not include the necessary token. The OSV/GHSA entries explicitly describe a cross-site request forgery risk in moodle’s language import/update flow, caused by the missing CSRF token. Documented impact...
CVE-2024-25982 Msa-24-0005: csrf risk in language import utility
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk...
moodle security breach
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in moodle that stems from a link to update all installed language packs not containing a token require...