CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2023-1920

Malicious code in bioql PyPI...

7.5CVSS5.6AI score0.00391EPSS

Exploits1References11

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-4189

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00112EPSS

Exploits0References5

Tenable Nessus•added 2025/09/10 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2021-36396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk...

7.5CVSS7.4AI score0.01884EPSS

Exploits2References2

Tenable Nessus•added 2025/09/02 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2018-1043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames. CVE-2018-1043 Note that Nessus relies on the presence of the...

6.5CVSS6.4AI score0.00112EPSS

Exploits0References2

Tenable Nessus•added 2025/09/02 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2023-35133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3,...

7.5CVSS6AI score0.00391EPSS

Exploits1References2

OSV•added 2024/03/06 10:58 a.m.•21 views

BIT-MOODLE-2023-35133 Moodle: ssrf risk due to insufficient check on the curl blocked hosts

An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions...

7.5CVSS7.2AI score0.00391EPSS

Exploits1References5

Positive Technologies•added 2023/06/26 12:0 a.m.•3 views

PT-2023-24192 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton affected versions not specified Description: BigBlueButton is an open source virtual classroom designed to help teachers teach and learners learn. In affected versions, a Server-Side Request Forgery SSRF vulnerability exists. Th...

6.5CVSS5.7AI score0.0012EPSS

Exploits0References11

ATTACKERKB•added 2023/06/22 9:15 p.m.•1 views

CVE-2023-35133

7.5CVSS5.8AI score0.00391EPSS

Exploits1References7

Prion•added 2023/06/22 9:15 p.m.•25 views

Server side request forgery (ssrf)

5CVSS7.3AI score0.00391EPSS

Exploits1References3Affected Software1

OSV•added 2023/06/22 9:15 p.m.•0 views

UBUNTU-CVE-2023-35133

7.5CVSS6AI score0.00391EPSS

Exploits1References3

Cvelist•added 2023/06/22 12:0 a.m.•17 views

CVE-2023-35133 Moodle: ssrf risk due to insufficient check on the curl blocked hosts

7.5CVSS7.5AI score0.00391EPSS

Exploits1References4

Vulnrichment•added 2023/06/22 12:0 a.m.•21 views

CVE-2023-35133 Moodle: ssrf risk due to insufficient check on the curl blocked hosts

7.5CVSS6.5AI score0.00391EPSS

Exploits1References4

Veracode•added 2023/03/14 2:15 a.m.•26 views

Server-side Request Forgery (SSRF)

moodle/moodle is vulnerable to Server-side Request Forgery SSRF. The vulnerability exists due to insufficient redirect handling in the urlisblocked function of curlsecurityhelper.php, which allows an attacker to bypass cURL-blocked hosts or port restrictions...

7.5CVSS7.6AI score0.01884EPSS

Exploits2References7Affected Software1

OSV•added 2023/03/06 9:15 p.m.•36 views

CVE-2021-36396

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk...

7.5CVSS7.7AI score

Exploits0References1

Prion•added 2023/03/06 9:15 p.m.•21 views

Server side request forgery (ssrf)

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk...

5CVSS7.4AI score0.01884EPSS

Exploits2References1Affected Software1

OSV•added 2023/03/06 9:15 p.m.•0 views

UBUNTU-CVE-2021-36396

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk...

7.5CVSS7.3AI score0.01884EPSS

Exploits2References3

SUSE CVE•added 2023/02/15 4:34 a.m.•1 views

SUSE CVE-2018-1043

In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames...

6.5CVSS6.5AI score0.00112EPSS

Exploits0References3

Github Security Blog•added 2022/05/13 1:48 a.m.•20 views

Moodle Setting for blocked hosts list can be bypassed with multiple A record hostnames

In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames...

6.5CVSS6.7AI score0.00112EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/13 1:48 a.m.•10 views

GHSA-HPWM-84H5-VQR8 Moodle Setting for blocked hosts list can be bypassed with multiple A record hostnames

In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames...

6.5CVSS6.3AI score0.00112EPSS

Exploits0References4

Positive Technologies•added 2020/11/08 12:0 a.m.•5 views

PT-2023-25158 · Moodle +2 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.9 to 3.9.21 Moodle versions 3.11 to 3.11.14 Moodle versions 4.0 to 4.0.8 Moodle versions 4.1 to 4.1.3 Moodle version 4.2 Description: The issue is related to the logic used to check 0.0.0.0 against the cURL blocked hosts...

9.8CVSS6.3AI score0.83646EPSS

Exploits12References90

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by