33 matches found
CVE-2022-41901
TensorFlow is an open source platform for machine learning. An input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in...
Moodle Information Disclosure Vulnerability (CNVD-2025-10585)
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that can be exploited by an attacker to obtain sensitive student...
Moodle Information Disclosure Vulnerability (CNVD-2025-10584)
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from a security issue that can be exploited by an...
Moodle Permission Issues Vulnerability
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. A vulnerability exists in Moodle for privilege issues. The vulnerability stems from insufficient permission checking that allo...
Moodle Access Control Error Vulnerability
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an Access Control Error vulnerability that stems from insufficient access control over the inclusion of an...
Moodle SQL Injection Vulnerability (CNVD-2024-44850)
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements i...
Moodle Uncontrolled Resource Consumption Vulnerability
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. An uncontrolled resource consumption vulnerability exists in the Moodle URL parsing process, which can be exploited by an attacker to...
Moodle Access Control Error Vulnerability (CNVD-2022-54955)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. an access control error vulnerability exists in Moodle, which stems from improper access restrictions. A remote attacker could use the...
Moodle Licensing Issue Vulnerability (CNVD-2022-54954)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. a security vulnerability exists in Moodle, which stems from an application that does not properly impose security restrictions. A remo...
Moodle Access Control Error Vulnerability (CNVD-2022-09259)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an Access Control Error vulnerability that arises from a networked system or product that does not properly restric...
Moodle Cross-Site Request Forgery Vulnerability (CNVD-2021-92541)
Moodle is a free and open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. This could lead to cross-site request forgery attacks. No details of the vulnerability are currently available...
Google TensorFlow Arbitrary File Overwrite Vulnerability
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from an arbitrary file overwrite vulnerability, which originates from an issue caused when tf.keras.utils.getfile is used with extract=True, and can be exploited by an...
Critical Security Bugs Fixed in Virtual Learning Software
Netop, the company behind a popular software tool designed to let teachers remotely access student computers, has fixed four security bugs in its platform. Researchers said that the critical vulnerabilities in the company’s Netop Vision Pro system could allow attackers to hijack school networks,...
Moodle cross-site scripting vulnerability (CNVD-2021-28733)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site scripting vulnerability that stems from Text-based feedback answers. No details of the vulnerability a...
Moodle cross-site scripting vulnerability (CNVD-2021-09496)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in Moodle versions prior to 3.10.1, 3.9.4, 3.8.7 and 3.5.16, which originates from TeX...
Extreme Office has a heap overflow vulnerability
Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. A heap overflow vulnerability exists in Extreme Office. An attacker can exploit this vulnerability to cause the program to crash...
Extreme Office has an array out-of-bounds read vulnerability
Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. An array out-of-bounds read vulnerability exists in Extreme Office. An attacker can exploit this vulnerability to cause the program to crash...
Extreme Office suffers from a memory corruption vulnerability (CNVD-2021-03422)
Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. A memory corruption vulnerability exists in Extreme Office. An attacker can exploit this vulnerability to cause the program to crash...
Moodle Access Control Error Vulnerability (CNVD-2021-28739)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from the fact that a user typically a course administrator with "logged in as"...
Moodle Cross-Site Scripting Vulnerability (CNVD-2021-28740)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site scripting vulnerability that stems from a filter requiring additional cleanup to prevent the risk of...