| 2022-07-25 | CVE-2022-34749 | In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. | 7.5 |
| 2022-07-25 | CVE-2022-35649 | Improper Input Validation vulnerability in multiple products
The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. | 9.8 |
| 2022-07-25 | CVE-2022-35650 | Improper Input Validation vulnerability in multiple products
The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. | 7.5 |
| 2022-07-25 | CVE-2022-35651 | Cross-site Scripting vulnerability in multiple products
A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. | 6.1 |
| 2022-07-25 | CVE-2022-35652 | Open Redirect vulnerability in multiple products
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. | 6.1 |
| 2022-07-25 | CVE-2022-35653 | Cross-site Scripting vulnerability in multiple products
A reflected XSS issue was identified in the LTI module of Moodle. | 6.1 |
| 2022-07-25 | CVE-2020-7677 | This affects the package thenify before 3.3.1. | 9.8 |
| 2022-07-25 | CVE-2022-0670 | A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. | 9.1 |
| 2022-07-24 | CVE-2021-46829 | Integer Overflow or Wraparound vulnerability in multiple products
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. | 7.8 |
| 2022-07-20 | CVE-2022-31160 | jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. | 6.1 |