exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2 470

CVE-2020-25627

больше 4 лет назад

The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.

CVSS3: 6.1

EPSS: Низкий

CVE-2020-25627

больше 4 лет назад

The moodlenetprofile user profile field required extra sanitizing to p ...

CVSS3: 6.1

EPSS: Низкий

CVE-2020-1756

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.

CVSS3: 7.2

EPSS: Низкий

CVE-2020-1756

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.

CVSS3: 7.2

EPSS: Низкий

CVE-2020-1756

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input es ...

CVSS3: 7.2

EPSS: Низкий

CVE-2020-1755

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.

CVSS3: 5.3

EPSS: Низкий

CVE-2020-1755

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.

CVSS3: 5.3

EPSS: Низкий

CVE-2020-1755

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For heade ...

CVSS3: 5.3

EPSS: Низкий

CVE-2020-1754

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.

CVSS3: 4.3

EPSS: Низкий

CVE-2020-1754

почти 3 года назад

CVSS3: 4.3

EPSS: Низкий

CVE-2020-1754

почти 3 года назад

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the gra ...

CVSS3: 4.3

EPSS: Низкий

CVE-2020-1692

больше 5 лет назад

Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.

CVSS3: 8.1

EPSS: Низкий

CVE-2020-1692

больше 5 лет назад

Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.

CVSS3: 8.1

EPSS: Низкий

CVE-2020-1692

больше 5 лет назад

Moodle before version 3.7.2 is vulnerable to information exposure of s ...

CVSS3: 8.1

EPSS: Низкий

CVE-2020-1691

почти 3 года назад

In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.

CVSS3: 5.4

EPSS: Низкий

CVE-2020-1691

почти 3 года назад

In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.

CVSS3: 5.4

EPSS: Низкий

CVE-2020-1691

почти 3 года назад

In Moodle 3.8, messages required extra sanitizing before updating the ...

CVSS3: 5.4

EPSS: Низкий

CVE-2020-14322

почти 3 года назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2020-14322

почти 3 года назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.

CVSS3: 7.5

EPSS: Низкий

CVE-2020-14322

почти 3 года назад

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-25627 The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.	CVSS3: 6.1	5% Низкий	больше 4 лет назад
CVE-2020-25627 The moodlenetprofile user profile field required extra sanitizing to p ...	CVSS3: 6.1	5% Низкий	больше 4 лет назад
CVE-2020-1756 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.	CVSS3: 7.2	1% Низкий	почти 3 года назад
CVE-2020-1756 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.	CVSS3: 7.2	1% Низкий	почти 3 года назад
CVE-2020-1756 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input es ...	CVSS3: 7.2	1% Низкий	почти 3 года назад
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.	CVSS3: 5.3	0% Низкий	почти 3 года назад
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.	CVSS3: 5.3	0% Низкий	почти 3 года назад
CVE-2020-1755 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For heade ...	CVSS3: 5.3	0% Низкий	почти 3 года назад
CVE-2020-1754 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.	CVSS3: 4.3	0% Низкий	почти 3 года назад
CVE-2020-1754 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.	CVSS3: 4.3	0% Низкий	почти 3 года назад
CVE-2020-1754 In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the gra ...	CVSS3: 4.3	0% Низкий	почти 3 года назад
CVE-2020-1692 Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-1692 Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-1692 Moodle before version 3.7.2 is vulnerable to information exposure of s ...	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-1691 In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.	CVSS3: 5.4	1% Низкий	почти 3 года назад
CVE-2020-1691 In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.	CVSS3: 5.4	1% Низкий	почти 3 года назад
CVE-2020-1691 In Moodle 3.8, messages required extra sanitizing before updating the ...	CVSS3: 5.4	1% Низкий	почти 3 года назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2020-14322 In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to l ...	CVSS3: 7.5	0% Низкий	почти 3 года назад

Уязвимостей на страницу