Lucene search
+L

99 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28136

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00373EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 10:30 p.m.22 views

CVE-2025-47942

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

5.3CVSS6.9AI score0.00373EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:52 a.m.8 views

CVE-2024-41806

The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using the django default storage. With certain storage backends, uploads may become publicly available...

5.3CVSS6.7AI score0.00331EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:33 a.m.14 views

CVE-2024-22209

Open edX Platform is a service-oriented platform for authoring and delivering online learning. A user with a JWT and more limited scopes could call endpoints exceeding their access. This vulnerability has been patched in commit 019888f...

8.8CVSS6.9AI score0.00574EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 7:28 a.m.6 views

CVE-2018-20859

edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem...

6.1CVSS5.8AI score0.01202EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:40 a.m.6 views

CVE-2015-6253

edx-platform before 2015-08-17 allows XSS in the Studio listing of courses...

5.4CVSS6.1AI score0.0053EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:25 a.m.7 views

CVE-2015-6960

edx-platform before 2015-09-17 allows XSS via a team name...

6.1CVSS5.8AI score0.00641EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:19 a.m.12 views

CVE-2015-5601

edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files...

8.8CVSS7.5AI score0.0149EPSS
Exploits0References1
nvd
nvd
added 2025/05/21 10:15 p.m.16 views

CVE-2025-47942

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

5.3CVSS0.00373EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/05/21 9:15 p.m.5 views

CVE-2025-47942 Learners on edX Platform can download python_lib.zip

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

5.3CVSS5.3AI score0.00373EPSS
Exploits0References3
cvelist
cvelist
added 2025/05/21 9:15 p.m.15 views

CVE-2025-47942 Learners on edX Platform can download python_lib.zip

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

5.3CVSS0.00373EPSS
Exploits0References3
osv
osv
added 2025/05/21 9:15 p.m.10 views

CVE-2025-47942 Learners on edX Platform can download python_lib.zip

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

5.3CVSS7AI score0.00373EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/05/21 12:0 a.m.7 views

PT-2025-22436 · Unknown · Open Edx Platform

Name of the Vulnerable Software and Affected Versions: The Open edX Platform versions prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba Description: The issue concerns the Open edX Platform, a learning management platform, where prior to a specific commit, there was no built-in protection...

5.3CVSS6.4AI score0.00373EPSS
Exploits0References7
cnnvd
cnnvd
added 2025/05/21 12:0 a.m.7 views

Open edX Platform 安全漏洞

Open edX Platform is an open source course management system CMS from Open edX Open Source. The system can be used for MOOCs Massive Open Online Courses as well as smaller courses and training modules. A security vulnerability exists in versions prior to Open edX Platform 6740e75, which stems fro...

5.3CVSS6.6AI score0.00373EPSS
Exploits0References3
cve
cve
added 2024/08/23 2:35 p.m.60 views

CVE-2024-43782

Technical details about CVE-2024-43782 are not publicly provided in the supplied documents. Monitor for updates as affected versions, exploit availability, and fixes may be disclosed in future advisories.

9.8CVSS7.6AI score0.00511EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2024/08/23 2:35 p.m.22 views

CVE-2024-43782 openedx-translations's Atlas translations for Open edX missing validation

This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using...

7.7CVSS6.8AI score0.00511EPSS
Exploits0References3
cvelist
cvelist
added 2024/08/23 2:35 p.m.33 views

CVE-2024-43782 openedx-translations's Atlas translations for Open edX missing validation

This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using...

7.7CVSS0.00511EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/08/23 12:0 a.m.13 views

PT-2024-30652 · Open Edx +1 · Openedx-Atlas +4

Name of the Vulnerable Software and Affected Versions: openedx-translations affected versions not specified edx-platform versions from 'redwood' to 'master' Description: The openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex...

9.8CVSS6.6AI score0.00511EPSS
Exploits0References13
bdu_fstec
bdu_fstec
added 2024/07/31 12:0 a.m.8 views

The vulnerability of the AWS S3 Bucket Handler component of the online training platform Open edX, which allows a hacker to expose protected information.

The vulnerability of the AWS S3 Bucket Handler component of the online training platform Open edX Platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

5.3CVSS5.4AI score0.00331EPSS
Exploits0References4
nvd
nvd
added 2024/07/25 3:15 p.m.11 views

CVE-2024-41806

The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using the django default storage. With certain storage backends, uploads may become publicly available...

5.3CVSS0.00331EPSS
Exploits0References2
Rows per page
Query Builder