Lucene search
K

10 matches found

Github Security Blog
Github Security Blog
added 2026/06/01 2:26 p.m.16 views

kas checks out SHA-like git branches as valid commits

Impact When relying solely on a git commit ID SHA-1 or SHA-256 to qualify if a checkout of a repository is equivalent to the state validated while adding its commit ID to a kas configuration, users may be tricked to check out a branch of the same name from this repository. This implies that the...

5.7AI score0.00018EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/21 9:49 p.m.7 views

MAL-2026-4524 Malicious code in claude-content-writer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b38e69b148dc7998c9ab02fb5b6c2a90413a88129cf7db96b1c900e9c830f719 On npm install, the package's postinstall hook runs scripts/install-dependencies.sh, which performs git clone --depth 1...

6AI score
Exploits0References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.5 views

Gradle security vulnerabilities

Gradle is a project build tool based on the JVM, developed by the American company Gradle Inc. It supports Maven, Ivy repositories, etc. Versions of Gradle prior to 9.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that certain exceptions were not treated as...

8.6CVSS5.8AI score0.00135EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2013-1835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive...

3.5CVSS5.5AI score0.01481EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/31 4:15 p.m.4 views

CVE-2022-28625

A local disclosure of sensitive information vulnerability was discovered in HPE OneView versions: Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability...

5.5CVSS6AI score0.00206EPSS
Exploits0References2
OSV
OSV
added 2022/08/31 4:15 p.m.4 views

CVE-2022-28625

A local disclosure of sensitive information vulnerability was discovered in HPE OneView versions: Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability...

5.5CVSS6AI score
Exploits0References1
OSV
OSV
added 2022/05/13 1:12 a.m.13 views

GHSA-CC94-HWJ3-RF65 Moodle's login_as feature leaks information from external repositories

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the loginas feature...

3.5CVSS8.8AI score0.01481EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.20 views

Moodle's login_as feature leaks information from external repositories

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the loginas feature...

3.5CVSS6.5AI score0.01481EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2013/03/25 9:55 p.m.23 views

CVE-2013-1835

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the loginas feature...

3.5CVSS8.8AI score0.01481EPSS
Exploits0References5
OSV
OSV
added 2013/03/11 4:0 a.m.3 views

UBUNTU-CVE-2013-1835

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the loginas feature...

3.5CVSS5.9AI score0.01481EPSS
Exploits0References2
Rows per page
Query Builder