Security and privacy

I don't know the settings of your system but at least that memory limit issue sounds like a false alert. The original advisory said:

"The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete."

Too low php memory limit or a couple of other php/server settings can cause troubles - moodle can stop responding or particularly IE (browser) can stop responding for various reasons and they don't mean an attack. For example administrator or teacher tries to take course backup from a very large course or user tries to paste directly a very large document from word to wiki...

If your IPS drops regularly particular users or connections it might be good to check other logs of moodle and server to find out what actually happened.

Another thing is that when people save something that is copied or uploaded from net or other programs you may sometimes find malicious links, worms/viruses, iframe attacks, injected images or direct attack attempts ... and sometimes false positive alerts.

Moodle may have some vulnerabilities that nobody has noticed before (for example latest upgrade fixes several of them) but the links you gave can be considered "false alerts" - in my opinion...

Server access logs, error logs and auth logs may show more info about bots or direct attacks from particular ips - and you might check once more that settings of http://docs.moodle.org/en/Security_overview are ok.