moodle/moodle vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2024-48896Mediummoodle/moodle: Moodle leaks user namesCVE-2024-48901Mediummoodle/moodle: moodle: IDOR when fetching report schedulesCVE-2024-48897Mediummoodle/moodle: moodle: IDOR in edit/delete RSS feedCVE-2024-48900Mediummoodle/moodle: Moodle IDOR when accessing list of badge recipientsCVE-2024-43439Mediummoodle/moodle: Moodle reflected XSS via H5P error messageCVE-2024-43437Lowmoodle/moodle: Moodle Cross-site Scripting vulnerabilityCVE-2024-43433Lowmoodle/moodle: Moodle's user/power level management inconsistent with suspended usersCVE-2024-43429Lowmoodle/moodle: Moodle has user information visibility control issues in gradebook reportsCVE-2024-43432Lowmoodle/moodle: Moodle authorization headers preserved between "emulated redirects"CVE-2024-43427Lowmoodle/moodle: Moodle admin presets export tool includes some secrets that should not be exportedCVE-2024-43430Lowmoodle/moodle: Moodle has insufficient access controlCVE-2024-43435Lowmoodle/moodle: Moodle has insufficient capability checksCVE-2024-43431Mediummoodle/moodle: Moodle's IDOR in badges allows deletion of arbitrary badgesCVE-2024-43436Mediummoodle/moodle: Moodle vulnerable to site administration SQL injection via XMLDB editorCVE-2024-43438Mediummoodle/moodle: Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site usersCVE-2024-43434Highmoodle/moodle: Moodle has CSRF risk in Feedback non-respondents reportCVE-2024-43440Mediummoodle/moodle: Moodle LFI vulnerability when restoring malformed block backupsCVE-2024-43425Highmoodle/moodle: Moodle Remote Code Execution vulnerabilityCVE-2024-43428Mediummoodle/moodle: Moodle vulnerable to cache poisoning via injection into storageCVE-2024-43426Mediummoodle/moodle: Moodle has arbitrary file read risk through pdfTeXCVE-2024-38277Mediummoodle/moodle: Moodle uses the same key for QR login and auto-loginCVE-2024-38274Mediummoodle/moodle: Moodle stored XSS via calendar's event title when deleting the eventCVE-2024-38273Mediummoodle/moodle: Moodle BigBlueButton web service leaks meeting joining informationCVE-2024-38275Mediummoodle/moodle: Moodle HTTP authorization header is preserved between "emulated redirects"CVE-2024-38276Mediummoodle/moodle: Moodle CSRF risks due to misuse of confirm_sesskey

Stop the waste.
Protect your environment with Kodem.