CVE-2026-3214

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal CAPTCHA allows Functionality Bypass.This issue affects CAPTCHA: from 0.0.0 before 1.17.0, from 2.0.0 before 2.0.10...

CVE-2026-3214

CVE-2026-3214 affects Drupal CAPTCHA. Affected: Drupal CAPTCHA versions 0.0.0–1.16.9 and 2.0.0–2.0.9. Root cause: insufficient invalidation of security tokens, enabling a functionality bypass where an attacker can bypass CAPTCHA on subsequent submissions after solving at least one CAPTCHA manuall...

CVE-2025-9550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Facets allows Cross-Site Scripting XSS.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1...

CVE-2025-9549

Drupal Facets is affected by a Missing Authorization vulnerability enabling forceful browsing in certain older versions. Affected ranges are Facets 0.0.0 through 2.0.9 and 3.0.0 through 3.0.0; the issue is fixed by upgrading to 2.0.10+ or 3.0.1+. No exploitation details are provided in the source...

PT-2023-16370 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.10 Description: The issue is related to improper neutralization of input during web page generation, also known as cross-site scripting. This could potentially allow for static code injection. Recommendations: Fo...

Realtek RTL8195AM 缓冲区错误漏洞

The Realtek RTL8195AM is an IoT microcontroller from Realtek Semiconductor Realtek of Taiwan, China. A buffer error vulnerability exists in Realtek RTL8195AM versions prior to 2.0.10, which stems from a buffer overflow vulnerability in the incorrect IE length of the device's processing of HT...