CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Tenable Nessus•added 2025/09/03 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2020-25699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course...

7.5CVSS6.2AI score0.00344EPSS

Exploits0References2

Tenable Nessus•added 2025/09/03 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2020-25698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling...

7.5CVSS6.2AI score0.00701EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:59 a.m.•2 views

SUSE CVE-2010-1616

Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability...

4CVSS6.9AI score0.00277EPSS

Exploits0References4

Github Security Blog•added 2021/03/29 8:43 p.m.•45 views

Privilage Escalation in moodle

In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3,...

7.5CVSS7AI score0.00344EPSS

Exploits0References7Affected Software1

OpenVAS•added 2020/11/27 12:0 a.m.•15 views

Moodle < 3.5.14, 3.7.x < 3.7.9, 3.8.x < 3.8.6, 3.9.x < 3.9.3 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS7.6AI score0.00344EPSS

Exploits0References4

Veracode•added 2020/11/20 5:55 a.m.•19 views

Authorization Bypass

moodle/moodle is vulnerable to authorization bypass. A teacher is able to un-enrol users without permission using course restore...

7.5CVSS3.6AI score0.00701EPSS

Exploits0References7Affected Software1

Veracode•added 2020/11/20 5:50 a.m.•28 views

Privilege Escalation

Moodle is vulnerable to privilege escalation. Users with the ability to course restore are able to add additional capabilities to roles within that course because it does not check the user's permission to change capabilities...

7.5CVSS3.5AI score0.00344EPSS

Exploits0References6Affected Software1