38 matches found
EUVD-2010-0531
Malware in sbrugna...
EUVD-2009-2819
Malware in sbrugna...
EUVD-2022-3806
Malicious code in bioql PyPI...
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
SUSE CVE-2015-3177
Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe capability before entering subscriptions to site-wide event-monitor rules, which allows remote authenticated users to obtain sensitive information via a subscription request...
Moodle sensitive information disclosure
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course...
Moodle allows attackers to discover hidden course names
admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...
Update Rollup 9 for System Center 2012 R2 Operations Manager
Update Rollup 9 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 9 for Microsoft System Center 2012 R2 Operations Manager. It also includes the installation instructions for the update rollup. Issues that are fixed in this...
Information Disclosure
Moodle is susceptible to unauthorized information access. If the event monitor tool contains site-wide rules, a malicious user can subscribe to them and access sensitive information...
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course...
Design/Logic Flaw
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course...
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course...
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course...
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course...
Moodle 3.0.x < 3.0.5 Multiple Vulnerabilities
Binary data 9522.prm...
Moodle < 3.1.1 Multiple Vulnerabilities
Binary data 9523.prm...
moodle -- multiple vulnerabilities
Marina Glancy reports: MSA-16-0019: Glossary search displays entries without checking user permissions to view them MSA-16-0020: Text injection in email headers MSA-16-0021: Unenrolled user still receives event monitor notifications even though they can no longer access course...
CVE-2016-2154
admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...
Design/Logic Flaw
admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...
CVE-2016-2154
admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...