exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2 643

CVE-2021-36396

почти 3 года назад

In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.

CVSS3: 7.5

EPSS: Низкий

CVE-2021-36396

почти 3 года назад

In Moodle, insufficient redirect handling made it possible to blindly ...

CVSS3: 7.5

EPSS: Низкий

CVE-2021-36395

почти 3 года назад

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2021-36395

почти 3 года назад

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2021-36395

почти 3 года назад

In Moodle, the file repository's URL parsing required additional recur ...

CVSS3: 7.5

EPSS: Низкий

CVE-2021-36394

почти 3 года назад

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

CVSS3: 9.8

EPSS: Средний

CVE-2021-36394

почти 3 года назад

In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.

CVSS3: 9.8

EPSS: Средний

CVE-2021-36394

почти 3 года назад

In Moodle, a remote code execution risk was identified in the Shibbole ...

CVSS3: 9.8

EPSS: Средний

CVE-2021-36393

почти 3 года назад

In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.

CVSS3: 9.8

EPSS: Средний

CVE-2021-36393

почти 3 года назад

In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.

CVSS3: 9.8

EPSS: Средний

CVE-2021-36393

почти 3 года назад

In Moodle, an SQL injection risk was identified in the library fetchin ...

CVSS3: 9.8

EPSS: Средний

CVE-2021-36392

почти 3 года назад

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-36392

почти 3 года назад

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-36392

почти 3 года назад

In Moodle, an SQL injection risk was identified in the library fetchin ...

CVSS3: 9.8

EPSS: Низкий

CVE-2021-32478

почти 4 года назад

The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.

CVSS3: 6.1

EPSS: Низкий

CVE-2021-32478

почти 4 года назад

CVSS3: 6.1

EPSS: Низкий

CVE-2021-32478

почти 4 года назад

The redirect URI in the LTI authorization endpoint required extra sani ...

CVSS3: 6.1

EPSS: Низкий

CVE-2021-32477

почти 4 года назад

The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability (site administrators by default). Moodle versions 3.10 to 3.10.3 are affected.

CVSS3: 4.3

EPSS: Низкий

CVE-2021-32477

почти 4 года назад

CVSS3: 4.3

EPSS: Низкий

CVE-2021-32477

почти 4 года назад

The last time a user accessed the mobile app is displayed on their pro ...

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-36396 In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.	CVSS3: 7.5	1% Низкий	почти 3 года назад
CVE-2021-36396 In Moodle, insufficient redirect handling made it possible to blindly ...	CVSS3: 7.5	1% Низкий	почти 3 года назад
CVE-2021-36395 In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2021-36395 In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2021-36395 In Moodle, the file repository's URL parsing required additional recur ...	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2021-36394 In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.	CVSS3: 9.8	21% Средний	почти 3 года назад
CVE-2021-36394 In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.	CVSS3: 9.8	21% Средний	почти 3 года назад
CVE-2021-36394 In Moodle, a remote code execution risk was identified in the Shibbole ...	CVSS3: 9.8	21% Средний	почти 3 года назад
CVE-2021-36393 In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.	CVSS3: 9.8	27% Средний	почти 3 года назад
CVE-2021-36393 In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.	CVSS3: 9.8	27% Средний	почти 3 года назад
CVE-2021-36393 In Moodle, an SQL injection risk was identified in the library fetchin ...	CVSS3: 9.8	27% Средний	почти 3 года назад
CVE-2021-36392 In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.	CVSS3: 9.8	1% Низкий	почти 3 года назад
CVE-2021-36392 In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.	CVSS3: 9.8	1% Низкий	почти 3 года назад
CVE-2021-36392 In Moodle, an SQL injection risk was identified in the library fetchin ...	CVSS3: 9.8	1% Низкий	почти 3 года назад
CVE-2021-32478 The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.	CVSS3: 6.1	4% Низкий	почти 4 года назад
CVE-2021-32478 The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected.	CVSS3: 6.1	4% Низкий	почти 4 года назад
CVE-2021-32478 The redirect URI in the LTI authorization endpoint required extra sani ...	CVSS3: 6.1	4% Низкий	почти 4 года назад
CVE-2021-32477 The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability (site administrators by default). Moodle versions 3.10 to 3.10.3 are affected.	CVSS3: 4.3	0% Низкий	почти 4 года назад
CVE-2021-32477 The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability (site administrators by default). Moodle versions 3.10 to 3.10.3 are affected.	CVSS3: 4.3	0% Низкий	почти 4 года назад
CVE-2021-32477 The last time a user accessed the mobile app is displayed on their pro ...	CVSS3: 4.3	0% Низкий	почти 4 года назад

Уязвимостей на страницу