by Michael Hawkins. Teachers in an assignment group could modify group overrides for other groups in the same assignment.
Severity/Risk: Minor
Versions affected: 3.7, 3.6 to 3.6.4, 3.5 to 3.5.6 and earlier unsupported versions
Versions fixed: 3.7.1, 3.6.5 and 3.5.7
Reported by: David Monllaó
CVE identifier: CVE-2019-10189
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-61114
Tracker issue: MDL-61114 Assignment group overrides did not observe
More info:
https://moodle.org/mod/forum/discuss.php?d=388570&parent=1566332
http://feedproxy.google.com/~r/sucuri/blog/~3/WFfqeg0Za4M/the-cost-of-a-hacked-website-survey.html As part of our commitment to the website security community, we want to know the true impacts of a website compromise from the owner’s perspective. If you are a business that has dealt with any type of website attack, your participation in this six-minute survey will help us improve our services and support website […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/WFfqeg0Za4M/the-cost-of-a-hacked-website-survey.html
Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.
More info:
https://www.debian.org/security/2019/dsa-4482
https://www.wordfence.com/blog/2019/07/critical-vulnerability-patched-in-ad-inserter-plugin/
Description: Authenticated Remote Code Execution
Affected Plugin: Ad Inserter
Affected Versions: <= 2.4.21
CVSS Score: 9.9 (Critical)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
On Friday, July 12th, our Threat Intelligence team discovered a vulnerability present in Ad Inserter, a WordPress plugin installed on over 200,000 websites. The weakness allowed authenticated users (Subscribers and
More info:
https://www.wordfence.com/blog/2019/07/critical-vulnerability-patched-in-ad-inserter-plugin/
Linux kernel vulnerability CVE-2019-11599. Security Advisory Description: The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to ...
More info:
https://support.f5.com/csp/article/K51674118
by Michael Hawkins. The third party TCPDF library used by Moodle required updating to patch bug fixes, including a security fix (see CVE for more details).
Severity/Risk: Minor
Versions affected: 3.7, 3.6 to 3.6.4, 3.5 to 3.5.6 and earlier unsupported versions
Versions fixed: 3.7.1, 3.6.5 and 3.5.7
Reported by: Dan Marsden
CVE identifier: CVE-2018-17057
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64794
Tracker issue: MDL-64794 Upgrade TCPDF library
More info:
https://moodle.org/mod/forum/discuss.php?d=388571&parent=1566333
https://wpvulndb.com/vulnerabilities/9449
More info:
https://wpvulndb.com/vulnerabilities/9449
https://wpvulndb.com/vulnerabilities/9450
More info:
https://wpvulndb.com/vulnerabilities/9450