Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 645
CVE-2025-3642
A flaw was found in Moodle. A remote code execution risk was identifie ...
CVE-2025-3642
A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.
CVE-2025-3641
A flaw was found in Moodle. A remote code execution risk was identifie ...
CVE-2025-3641
A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled.
CVE-2025-3640
A flaw was found in Moodle. Insufficient capability checks made it pos ...
CVE-2025-3640
A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.
CVE-2025-3638
A flaw was found in Moodle. The analysis request action in the Brickfi ...
CVE-2025-3638
A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.
CVE-2025-3637
A security vulnerability was found in Moodle where confidential inform ...
CVE-2025-3637
A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2025-3642 A flaw was found in Moodle. A remote code execution risk was identifie ... | CVSS3: 8.8 | 1% Низкий | 9 месяцев назад |
 | CVE-2025-3642 A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled. | CVSS3: 8.8 | 1% Низкий | 9 месяцев назад |
| CVE-2025-3641 A flaw was found in Moodle. A remote code execution risk was identifie ... | CVSS3: 8.8 | 1% Низкий | 9 месяцев назад |
| CVE-2025-3641 A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled. | CVSS3: 8.8 | 1% Низкий | 9 месяцев назад |
| CVE-2025-3640 A flaw was found in Moodle. Insufficient capability checks made it pos ... | CVSS3: 4.3 | 0% Низкий | 9 месяцев назад |
| CVE-2025-3640 A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access. | CVSS3: 4.3 | 0% Низкий | 9 месяцев назад |
| CVE-2025-3638 A flaw was found in Moodle. The analysis request action in the Brickfi ... | CVSS3: 8.8 | 0% Низкий | 9 месяцев назад |
| CVE-2025-3638 A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk. | CVSS3: 8.8 | 0% Низкий | 9 месяцев назад |
| CVE-2025-3637 A security vulnerability was found in Moodle where confidential inform ... | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
| CVE-2025-3637 A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages. | CVSS3: 3.1 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу