Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2021-03-20 CVE-2021-28950 Excessive Iteration vulnerability in multiple products
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8.
local
low complexity
linux fedoraproject debian CWE-834
5.5
5.5
2021-03-19 CVE-2021-21267 Resource Exhaustion vulnerability in multiple products
Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector).
network
low complexity
schema-inspector-project netapp CWE-400
5.0
5.0
2021-03-19 CVE-2019-14831 Open Redirect vulnerability in Moodle
A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled.
network
low complexity
moodle CWE-601
6.1
6.1
2021-03-19 CVE-2019-14830 Open Redirect vulnerability in Moodle
A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where the mobile launch endpoint contained an open redirect in some circumstances, which could result in a user's mobile access token being exposed.
network
low complexity
moodle CWE-601
6.1
6.1
2021-03-19 CVE-2019-14829 Improper Following of Specification by Caller vulnerability in Moodle
A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.
network
low complexity
moodle CWE-573
4.3
4.3
2021-03-19 CVE-2019-14828 Improper Authorization vulnerability in Moodle
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role.
network
low complexity
moodle CWE-285
4.0
4.0
2021-03-19 CVE-2019-10225 Insufficiently Protected Credentials vulnerability in Redhat Openshift and Openshift Container Platform
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey.
network
low complexity
redhat CWE-522
6.5
6.5
2021-03-19 CVE-2019-10200 Improper Access Control vulnerability in Redhat Openshift Container Platform 4.0
A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes.
network
low complexity
redhat CWE-284
critical
 9.0
9.0
2021-03-19 CVE-2019-10196 Improper Initialization vulnerability in multiple products
A flaw was found in http-proxy-agent, prior to version 2.1.0.
network
low complexity
http-proxy-agent-project fedoraproject redhat CWE-665
critical
 9.0
9.0
2021-03-19 CVE-2019-10128 Improper Access Control vulnerability in Postgresql
A vulnerability was found in postgresql versions 11.x prior to 11.3. 		4.1
4.1