Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2019-14829 | Improper Following of Specification by Caller vulnerability in Moodle A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode. | 4.3 |
| 2021-03-19 | CVE-2019-14828 | Improper Authorization vulnerability in Moodle A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role. | 4.0 |
| 2021-03-19 | CVE-2019-10225 | Insufficiently Protected Credentials vulnerability in Redhat Openshift and Openshift Container Platform A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. | 6.5 |
| 2021-03-19 | CVE-2019-10200 | Improper Access Control vulnerability in Redhat Openshift Container Platform 4.0 A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. | 9.0 |
| 2021-03-19 | CVE-2019-10196 | Improper Initialization vulnerability in multiple products A flaw was found in http-proxy-agent, prior to version 2.1.0. | 9.0 |
| 2021-03-19 | CVE-2019-10128 | Improper Access Control vulnerability in Postgresql A vulnerability was found in postgresql versions 11.x prior to 11.3. | 4.1 |
| 2021-03-19 | CVE-2021-27520 | Cross-site Scripting vulnerability in Fudforum 3.1.0 A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter. | 4.3 |
| 2021-03-19 | CVE-2021-27519 | Cross-site Scripting vulnerability in Fudforum 3.1.0 A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "srch" parameter. | 4.3 |
| 2021-03-19 | CVE-2021-26992 | Unspecified vulnerability in Netapp Cloud Manager Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS). | 5.0 |
| 2021-03-19 | CVE-2021-26991 | Unspecified vulnerability in Netapp Cloud Manager Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager. | 5.0 |