编号撤回

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question answering. Chamilo LMS v1.11.13 contains a code injection vulnerability that could be exploited by a...

Security Bulletin: Vulnerability in json4j - CVE-2021-3918 (Publicly disclosed vulnerability) impacts IBM Watson Machine Learning Accelerator

Summary Json4j is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability CVE-2021-3918 by upgrading addressable to latest version. Vulnerability Details CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execu...

The Forecast Is Flipped: Flipping L&D in New Hire Training

Rapid7’s onboarding program, Making the Band, first came to the stage in the fall of 2017 when the original 2-week, video-based program evolved into a dynamic 90-day experience. The updated program delivered learnings to new hires through digital self-paced content and a 2-day live training focus...

[SECURITY] Fedora 36 Update: moodle-3.11.6-1.fc36

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

Security Bulletin: Vulnerability in [All] Spring Framework - CVE-2021-22060 (Publicly disclosed vulnerability) impacts IBM Watson Machine Learning Accelerator

Summary Spring Framework is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability CVE-2021-22060 by upgrading addressable to latest version. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Moodle Access Control Error Vulnerability (CNVD-2022-54955)

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. an access control error vulnerability exists in Moodle, which stems from improper access restrictions. A remote attacker could use the...

Moodle Licensing Issue Vulnerability (CNVD-2022-54954)

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. a security vulnerability exists in Moodle, which stems from an application that does not properly impose security restrictions. A remo...

[SECURITY] Fedora 35 Update: moodle-3.11.6-1.fc35

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

[SECURITY] Fedora 34 Update: moodle-3.11.6-1.fc34

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

Chamilo LMS 代码注入漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. Chamilo LMS version 1.11.14 contains a code injection vulnerability that could be exploited by attackers to execute arbitrary code via a specially crafted plug-in...

Chamilo LMS 跨站请求伪造漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. Chamilo LMS version 1.11.14 is vulnerable to cross-site request forgery, which can be exploited by attackers to execute arbitrary commands on the victim host via user interaction with specially...

CVE-2022-24770

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

Input validation

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

DRUPAL-CONTRIB-2022-029

This module is used as part of the Opigno LMS distribution and implements learning paths for the LMS. The module was providing too much user information about users such as the list of groups a uid is in...

Opigno Learning path - Moderately critical - Access bypass - SA-CONTRIB-2022-029

This module is used as part of the Opigno LMS distribution and implements learning paths for the LMS. The module was providing too much user information about users such as the list of groups a uid is in...

HaccTheHub - Open Source Self-Hosted Cyber Security Learning Platform

Open source self-hosted cyber security learning platform About The Project HaccTheHub is an open source project that provides cyber security The HaccTheHub system consists of 3 main parts: Docker: containing all of the boxes creating the environment in which we'll be learning on. The backend:...

Xerte Cross-Site Scripting Vulnerability

Xerte is an open source software from The Xerte Project community in the UK. Used to create learning objects. Xerte has a security vulnerability that stems from a site scripting XSS vulnerability in The Xerte Project via the link parameter in print.php. No details of the vulnerability are current...

Akamai Wins Brandon Hall Award for Best Learning Technology

The Technical Enablement and Education team, part of Akamai’s Global Services organization, has won a coveted Brandon Hall Group silver medal for “Excellence in Technology,” for their automatic hands-on Lab Validation System LVS. The automatic LVS is used throughout Global Service training course...

Xerte 跨站脚本漏洞

Xerte is an open source software from The Xerte Project community in the UK. Used to create learning objects. Xerte has a security vulnerability that stems from a site scripting XSS vulnerability in The Xerte Project via the link parameter in print.php. No details of the vulnerability are current...

Alluxio has an unspecified vulnerability

Alluxio is Alluxio's to improve the speed of end-to-end distributed machine learning in the cloud. a security vulnerability exists in versions prior to Alluxio 2.7.3, which stems from the failure of the log server to validate input streams. No details of the vulnerability are currently available...