Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

221 – 230 of 583 results

CVE-2018-1043

Medium priority
Needs evaluation

In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2018-1042

Medium priority
Needs evaluation

Moodle 3.x has Server Side Request Forgery in the filepicker.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2017-15110

Medium priority
Not affected

In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This...

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not affected
Show less packages

CVE-2017-12157

Medium priority
Vulnerable

In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2017-12156

Medium priority
Vulnerable

Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2017-7532

Medium priority
Vulnerable

In Moodle 3.x, course creators are able to change system default settings for courses.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2017-7531

Medium priority
Vulnerable

In Moodle 3.3, the course overview block reveals activities in hidden courses.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2017-2642

Medium priority
Vulnerable

Moodle 3.x has user fullname disclosure on the user preferences page.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2017-7491

Low priority
Vulnerable

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2017-7490

Medium priority
Vulnerable

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages
  1. Previous page
  2. 21
  3. 22
  4. 23
  5. 24
  6. 25
  7. Next page
Export to JSON