Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

71 – 80 of 582 results

CVE-2021-36402

Medium priority
Needs evaluation

In Moodle, Users' names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36401

Medium priority
Needs evaluation

In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36400

Medium priority
Needs evaluation

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36399

Medium priority
Needs evaluation

In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36398

Medium priority
Needs evaluation

In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36397

Medium priority
Needs evaluation

In Moodle, insufficient capability checks meant message deletions were not limited to the current user.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36396

Medium priority
Needs evaluation

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36395

Medium priority
Needs evaluation

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36394

Medium priority
Needs evaluation

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2021-36393

Medium priority
Needs evaluation

In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.

1 affected packages

moodle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Needs evaluation Needs evaluation
Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON