Design/Logic Flaw
In Moodle 3.x, XSS can occur via evidence of prior learning...
CVE-2017-2644
In Moodle 3.x, XSS can occur via evidence of prior learning...
CVE-2017-2645
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning...
CVE-2017-2645
CVE-2017-2645 describes an XSS vulnerability in Moodle 3.x, triggerable through attachments to evidence of prior learning. The entry specifies a cross-site scripting flaw with a CVSS base score of 4.3 (NVD CVSS2) and 6.1 (CVSS3), indicating network access, no authentication, and user interaction ...
CVE-2017-2644
CVE-2017-2644 affects Moodle 3.x and enables cross-site scripting via evidence of prior learning. It is a network‑based XSS with no authentication, requiring user interaction per CVSS, and results in partial integrity impact and low confidentiality impact. Public details indicate multiple advisor...
IBM Kenexa LCMS Premier on Cloud SQL Injection Vulnerability
IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System (LCMS) for developing, maintaining, and delivering effective employee training from IBM USA. IBM Kenexa LCMS Premier on Cloud suffers from a SQL injection vulnerability that could allow a remote attacker to view,...
Detects Clickbait Headlines Using Deep Learning: Clickbait Detector
Detects Clickbait Headlines Using Deep Learning. People continually fall for clickbait and as Wired in its article mentioned: Whether you think clickbait is on the rise, obscurant and self-negating, not such a big deal, or the root of all evil, one thing is clear about it: It’s increasingly hard t...
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to cross-site request forgery
Overview: AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) is a hands-on vulnerability learning tool. Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains a cross-site request forgery vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/...
JVN#87662835: Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to DNS rebinding
AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) is a hands-on vulnerability learning tool. Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains a DNS rebinding vulnerability. Impact: If a user accesses a malicious web page, arbitrary code may be...
IBM Kenexa LCMS Premier on Cloud Information Disclosure Vulnerability (CNVD-2017-01326)
IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System (LCMS) for developing, maintaining, and delivering effective employee training from IBM USA. A security vulnerability exists in IBM Kenexa LCMS Premier on Cloud. An attacker could exploit the vulnerability by sendi...
[SECURITY] Fedora 25 Update: moodle-3.1.4-1.fc25
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
Incident Detection and Investigation - How Math Helps But Is Not Enough
I love math. I am even going to own up to having been a "mathlete" and looking forward to the annual UVM Math Contest in high school. I pursued a degree in engineering, so I can now more accurately say that I love applied mathematics, which have a much different goal than pure mathematics. Taking...
CVE-2016-8929
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
CVE-2016-8933
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system...
CVE-2016-8932
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...
CVE-2016-8930
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
[SECURITY] Fedora 24 Update: moodle-3.1.4-1.fc24
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...