5 matches found
Mageia: Security Advisory (MGASA-2014-0483)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-7845
The generatepassword function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack...
CVE-2014-7845
The generatepassword function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack...
CVE-2014-7845
The CVE-2014-7845 vulnerability affects Moodle and concerns the generate_password function. The issue is that the temporary password pool is too small, enabling remote brute-force login attempts. Affected versions include Moodle 2.4.11 and 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before ...
Updated moodle package fixes security vulnerabilities
In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...