Chamilo LMS 输入验证错误漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question answering. Chamilo LMS v1.11.13 has a security vulnerability that could be exploited by an attacker ...

HaccTheHub - Open Source Self-Hosted Cyber Security Learning Platform

Open source self-hosted cyber security learning platform About The Project HaccTheHub is an open source project that provides cyber security The HaccTheHub system consists of 3 main parts: Docker: containing all of the boxes creating the environment in which we'll be learning on. The backend:...

Google Tensorflow has an unspecified vulnerability (CNVD-2022-09895)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc...

CVE-2021-25029

The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

Cross site scripting

The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2021-25029 Cluevo < 1.8.1 - Admin+ Stored Cross Site Scripting

The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2021-25029

CVE-2021-25029 affects the WordPress CLUEVO LMS plugin prior to version 1.8.1. The vulnerability arises because the plugin does not sanitize and escape data in the Course module, enabling stored Cross‑Site Scripting (XSS) by high-privilege users even when unfiltered_html is disallowed. Impact is ...

Wordpress Plugin CLUEVO LMS, E-Learning Platform 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

WordPress CLUEVO LMS, E-Learning Platform plugin <= 1.8.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Rutuja D Shirke in WordPress CLUEVO LMS, E-Learning Platform plugin versions = 1.8.0. Solution Update the WordPress CLUEVO LMS, E-Learning Platform plugin to the latest available version at least 1.8.1...

CVE-2021-41223

TensorFlow is an open source platform for machine learning. In affected versions the implementation of FusedBatchNorm kernels is vulnerable to a heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow...

Heap overflow

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SparseBinCount is vulnerable to a heap OOB access. This is because of missing validation between the elements of the values argument and the shape of the sparse output. The fix will be included ...

CVE-2021-41152

OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere o...

Design/Logic Flaw

OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere o...

CVE-2021-42335

Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack...

CVE-2021-42335

Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack...

Cross site scripting

Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack...

CVE-2021-42335 Huachu Digital Technology Co.,Ltd. Easytest - Stored XSS

Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaScript and execute stored XSS attack...

Google TensorFlow Dezero Error Vulnerability (CNVD-2021-64069)

Google TensorFlow, an end-to-end open source machine learning platform, is vulnerable to a divide by zero error in versions prior to Google TensorFlow 2.6.0. An attacker could exploit the vulnerability through a specially crafted parameter call in-place to cause a floating point exception, which...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63079)

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in Google TensorFlow. A local attacker could exploit this vulnerability to cause a denial of service condition...

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-63076)

Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow versions prior to 2.6.0. An attacker could exploit the vulnerability to cause a denial of service...