Lucene search
K

617 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.7 views

Moodle < 4.1.10 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 4.1.10, or 4.2.x prior to 4.2.7 or 4.3.x prior to 4.3.3. It is, therefore, affected by multiple vulnerabilities. - Actions in the admin management of analytics models did not include the necessary tok...

8.8CVSS6.3AI score0.00494EPSS
Exploits0References33
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.26 views

Moodle 4.1.x < 4.1.2 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.20, 3.11.x prior to 3.11.13, 4.0.x prior to 4.0.7 or 4.1.x prior to 4.1.2. It is, therefore, affected by multiple vulnerabilities. - The course participation report required additional checks to...

9.8CVSS7.5AI score0.01195EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.24 views

Moodle 3.11.x < 3.11.13 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.20, 3.11.x prior to 3.11.13, 4.0.x prior to 4.0.7 or 4.1.x prior to 4.1.2. It is, therefore, affected by multiple vulnerabilities. - The course participation report required additional checks to...

9.8CVSS7.5AI score0.01195EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2025/04/02 4:37 p.m.14 views

CVE-2025-1449

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory ADI capability deprecated since the 1.36 release allows users to change a variable with...

7.5CVSS7.4AI score0.00663EPSS
Exploits0References3
NVD
NVD
added 2025/03/31 4:15 p.m.8 views

CVE-2025-1449

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory ADI capability deprecated since the 1.36 release allows users to change a variable with...

7.5CVSS0.00663EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 4:0 p.m.6 views

CVE-2025-1449 Admin Shell Access Vulnerability in Rockwell Automation Verve Asset Manager

A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory ADI capability deprecated since the 1.36 release allows users to change a variable with...

7.5CVSS6.7AI score0.00663EPSS
Exploits0References1
OSV
OSV
added 2025/02/24 9:31 p.m.12 views

GHSA-WR88-X8CM-7CGQ Moodle has a stored XSS risk in admin live log

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS7.7AI score0.00478EPSS
Exploits1References4
OSV
OSV
added 2025/02/24 9:31 p.m.10 views

GHSA-4HMR-39VP-XFRR Moodle has an arbitrary file read risk through pdfTeX

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live installed...

8.6CVSS8.5AI score0.00409EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/02/24 9:31 p.m.21 views

Moodle allows reflected XSS via question bank filter

The question bank filter required additional sanitizing to prevent a reflected XSS risk...

8.3CVSS6.1AI score0.00333EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/02/24 9:31 p.m.18 views

Moodle has an arbitrary file read risk through pdfTeX

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live installed...

8.6CVSS7.2AI score0.00409EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/02/24 9:31 p.m.33 views

Moodle has a stored XSS risk in admin live log

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS5.6AI score0.00478EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/02/24 8:15 p.m.12 views

CVE-2025-26525

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live installed...

8.6CVSS0.00409EPSS
Exploits0References2
NVD
NVD
added 2025/02/24 8:15 p.m.21 views

CVE-2025-26529

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS0.00478EPSS
Exploits1References2
OSV
OSV
added 2025/02/24 8:15 p.m.4 views

UBUNTU-CVE-2025-26529

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS5.6AI score0.00478EPSS
Exploits1References4
OSV
OSV
added 2025/02/24 8:15 p.m.3 views

UBUNTU-CVE-2025-26525

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live installed...

8.6CVSS5.9AI score0.00409EPSS
Exploits0References4
OSV
OSV
added 2025/02/24 8:15 p.m.6 views

UBUNTU-CVE-2025-26530

The question bank filter required additional sanitizing to prevent a reflected XSS risk...

8.3CVSS5.8AI score0.00333EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/24 7:56 p.m.14 views

CVE-2025-26530 Reflected XSS via question bank filter

The question bank filter required additional sanitizing to prevent a reflected XSS risk...

8.3CVSS0.00333EPSS
Exploits0References2
CVE
CVE
added 2025/02/24 7:56 p.m.100 views

CVE-2025-26530

CVE-2025-26530 concerns Moodle where the question bank filter allowed a reflected XSS risk due to insufficient sanitization. The connected documents corroborate a reflected XSS in Moodle’s question bank filter, without detailing affected versions or patches in the provided sources. The CVE descri...

8.3CVSS6.1AI score0.00333EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/24 7:52 p.m.25 views

CVE-2025-26529 Stored XSS risk in admin live log

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS5.7AI score0.00478EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/24 7:31 p.m.12 views

CVE-2025-26525 Arbitrary file read risk through pdfTeX

Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live installed...

8.6CVSS0.00409EPSS
Exploits0References2
Rows per page
Query Builder