491 matches found

ATTACKERKB
added 2022/03/25 7:15 p.m. | 3 views

CVE-2022-0983

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...

CVSS: 8.8 | AI score: 7.9 | EPSS: 0.00898
Exploits: 0 | References: 4

Prion
added 2022/03/25 7:15 p.m. | 21 views

Sql injection

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...

CVSS: 6.5 | AI score: 8.9 | EPSS: 0.00898
Exploits: 0 | References: 2 | Affected Software: 3

OSV
added 2022/03/25 7:15 p.m. | 3 views

UBUNTU-CVE-2022-0983

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.00898
Exploits: 0 | References: 2

CVE
added 2022/03/25 6:3 p.m. | 150 views

CVE-2022-0983

CVE-2022-0983 describes an SQL injection in Moodle’s badges code for configuring criteria. The issue affects Moodle releases where the badges feature is present, with public sources noting the vulnerability in Moodle 3.9.x before 3.9.13, 3.10.x before 3.10.10, and 3.11.x before 3.11.6. The access...

CVSS: 8.8 | AI score: 8.8 | EPSS: 0.00898
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2022/03/25 6:3 p.m. | 25 views

CVE-2022-0983

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...

AI score: 9.2 | EPSS: 0.00898
Exploits: 0 | References: 2

Rapid7 Blog
added 2022/03/25 2:35 p.m. | 18 views

The Digital Citizen’s Guide to Navigating Cyber Conflict

As security professionals, we are currently being bombarded with warnings and alerts of a heightened threat level due to the possibility that Russia will start to more aggressively leverage cyberattacks as part of their offensive. If you are feeling the pressure of getting everything done, check...

AI score: 7.3
Exploits: 0

UbuntuCve
added 2022/03/25 12:0 a.m. | 51 views

CVE-2022-0983

An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.00898
Exploits: 0 | References: 1

RedHat Linux
added 2022/03/15 10:25 a.m. | 53 views

Moderate: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00367
Exploits: 0 | References: 3

Rockylinux
added 2022/03/15 9:11 a.m. | 37 views

libarchive security update

An update is available for libarchive. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libarchive programming library can create and read several different...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.00367
Exploits: 0

The Hacker News
added 2022/03/11 1:11 p.m. | 32 views

Multiple Security Flaws Discovered in Popular Software Package Managers

Multiple security vulnerabilities have been disclosed in popular package managers that, if potentially exploited, could be abused to run arbitrary code and access sensitive information, including source code and access tokens, from compromised machines. It's, however, worth noting that the flaws...

AI score: 0.8
Exploits: 0

Trellix
added 2022/02/07 12:0 a.m. | 34 views

Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer

Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer By Taylor Mullins · February 7, 2022 What information are you storing in your Browsers? Storing credentials and other important information in web browsers is a helpful method to not have to...

AI score: 0.3
Exploits: 0

Trellix
added 2022/02/07 12:0 a.m. | 11 views

Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer

Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer By Taylor Mullins · February 7, 2022 What information are you storing in your Browsers? Storing credentials and other important information in web browsers is a helpful method to not have to...

AI score: 7.2
Exploits: 0

ATTACKERKB
added 2022/01/25 8:15 p.m. | 5 views

CVE-2022-0333

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events...

CVSS: 5.5 | AI score: 6.4 | EPSS: 0.00572
Exploits: 0 | References: 3

OSV
added 2022/01/21 11:52 p.m. | 3 views

GHSA-C6RP-XVQV-MWMF Cross-site Scripting in epubjs

managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00937
Exploits: 0 | References: 5

OSV
added 2022/01/17 5:15 p.m. | 9 views

CVE-2021-33040

managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...

CVSS: 6.1 | AI score: 6.8
Exploits: 0 | References: 3

NVD
added 2022/01/17 5:15 p.m. | 12 views

CVE-2021-33040

managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...

CVSS: 6.1 | EPSS: 0.00937
Exploits: 0 | References: 3

Prion
added 2022/01/17 5:15 p.m. | 16 views

Cross site scripting

managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.00937
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2022/01/17 4:14 p.m. | 18 views

CVE-2021-33040

managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...

AI score: 6.5 | EPSS: 0.00937
Exploits: 0 | References: 3

CVE
added 2022/01/17 4:14 p.m. | 52 views

CVE-2021-33040

CVE-2021-33040 affects FuturePress EPub.js (prior to v0.3.89). The vulnerability is an XSS in managers/views/iframe.js due to insufficient escaping of user-submitted data. Used in the EPUB rendering library; impact is cross-site scripting. Public references indicate the fix is in v0.3.89 (upstream...

CVSS: 6.1 | AI score: 6.2 | EPSS: 0.00937
Exploits: 0 | References: 3 | Affected Software: 1

ThreatPost
added 2021/12/29 7:13 p.m. | 39 views

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud

While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. TL; DR ------ Analysis of...

AI score: 7.8
Exploits: 0 | References: 3