CVE Alert: CVE-2025-3625
Vulnerability Summary: CVE-2025-3625 A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information...
Vulnerabilities
CVE Alert: CVE-2025-3627
Vulnerability Summary: CVE-2025-3627 A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other...
CVE Alert: CVE-2025-3634
Vulnerability Summary: CVE-2025-3634 A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing...
CVE Alert: CVE-2025-3641
Vulnerability Summary: CVE-2025-3641 A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS...
CVE Alert: CVE-2025-3640
Vulnerability Summary: CVE-2025-3640 A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in...
CVE Alert: CVE-2025-28076
Vulnerability Summary: CVE-2025-28076 Multiple SQL injection vulnerabilities in EasyVirt DCScope
CVE Alert: CVE-2025-32044
Vulnerability Summary: CVE-2025-32044 A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user...
CVE Alert: CVE-2025-32045
Vulnerability Summary: CVE-2025-32045 A flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users...
CVE Alert: CVE-2025-3628
Vulnerability Summary: CVE-2025-3628 A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing...
CVE Alert: CVE-2025-3637
Vulnerability Summary: CVE-2025-3637 A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks...
CVE Alert: CVE-2025-3638
Vulnerability Summary: CVE-2025-3638 A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include...
CVE Alert: CVE-2025-3635
Vulnerability Summary: CVE-2025-3635 A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to...
CVE Alert: CVE-2025-3636
Vulnerability Summary: CVE-2025-3636 A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds...
CVE Alert: CVE-2025-3647
Vulnerability Summary: CVE-2025-3647 A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access...
CVE Alert: CVE-2025-3644
Vulnerability Summary: CVE-2025-3644 A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections...
CVE Alert: CVE-2025-3645
Vulnerability Summary: CVE-2025-3645 A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to...
CVE Alert: CVE-2025-3643
Vulnerability Summary: CVE-2025-3643 A flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to...
CVE Alert: CVE-2025-3642
Vulnerability Summary: CVE-2025-3642 A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS...
CVE Alert: CVE-2025-46433
Vulnerability Summary: CVE-2025-46433 In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible Affected Endpoints: No affected...
CVE Alert: CVE-2025-43016
Vulnerability Summary: CVE-2025-43016 In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session Affected...
CVE Alert: CVE-2025-46618
Vulnerability Summary: CVE-2025-46618 In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab Affected Endpoints: No affected...
CVE Alert: CVE-2025-43862
Vulnerability Summary: CVE-2025-43862 Dify is an open-source LLM app development platform. Prior to version 0.6.12, a normal user is able...
CVE Alert: CVE-2025-46432
Vulnerability Summary: CVE-2025-46432 In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs Affected Endpoints: No affected...
CVE Alert: CVE-2025-2070
Vulnerability Summary: CVE-2025-2070 An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads...
