CVE ID : CVE-2025-32979
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32980
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32982
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32981
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32983
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32984
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32985
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-46333
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : z2d is a pure Zig 2D graphics library. In version 0.6.0, when writing from one surface to another using `z2d.compositor.StrideCompositor.run`, the source surface can be completely out-of-bounds on the x-axis (but not on the y-axis) by way of a negative offset. This results in an overflow of the value controlling the length of the stride. In non-safe optimization modes (consumers compiling with `ReleaseFast` or `ReleaseSmall`), this could potentially lead to invalid memory accesses or corruption. This issue is patched in version 0.6.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-32986
Published : April 25, 2025, 9:15 p.m. | 1 hour, 46 minutes ago
Description : NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3638
Published : April 25, 2025, 3:15 p.m. | 4 hours, 29 minutes ago
Description : A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3637
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicly through the site’s URL. This vulnerability occurred specifically on two types of pages within the mod_data module: edit and delete pages.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3635
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3628
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3636
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3640
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3644
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3645
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users’ names and online statuses.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3643
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to prevent a reflected Cross-site scripting (XSS) risk.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3647
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-43016
Published : April 25, 2025, 3:15 p.m. | 3 hours, 46 minutes ago
Description : In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…