Lucene search
K

21 matches found

OpenVAS
OpenVAS
added 2024/09/04 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-6981-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.84554EPSS
Exploits5References4
OSV
OSV
added 2024/09/03 3:12 p.m.4 views

USN-6981-2 drupal7 vulnerabilities

USN-6981-1 fixed vulnerabilities in Drupal. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code...

8.8CVSS7.4AI score0.84554EPSS
Exploits5References4
Ubuntu
Ubuntu
added 2024/08/27 4:57 p.m.32 views

USN-6981-1: Drupal vulnerabilities

It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2020-13671 It was discovered that Drupal incorrectly sanitized archived filenames. A remote attacker could possibly use this issue to overwrite...

8.8CVSS8.1AI score0.84554EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2024/08/27 12:0 a.m.31 views

Ubuntu 16.04 LTS : Drupal vulnerabilities (USN-6981-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6981-1 advisory. It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code...

8.8CVSS8.4AI score0.84554EPSS
Exploits5References4
RedhatCVE
RedhatCVE
added 2022/05/20 11:37 p.m.83 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

8.8CVSS3.9AI score0.04269EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2021/04/12 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-13671

Improper sanitization in the extension file names is present in Drupal core...

8.8CVSS7.3AI score0.04269EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/02 2:58 p.m.28 views

Security Bulletin: IBM API Connect's Developer Portal is vulnerable to arbitrary code excution in Drupal Core (CVE-2020-13671)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-13671 DESCRIPTION: Drupal Core could allow a remote attacker to execute arbitrary code on the system, caused by the failure to properly sanitize certain filenames on uploaded files. By...

8.8CVSS1.3AI score0.04269EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/15 12:0 a.m.39 views

Fedora 32 : drupal8 (2020-d50d74d6f2)

https://www.drupal.org/project/drupal/releases/8.9.11 - https://www.drupal.org/project/drupal/releases/8.9.10 - https://www.drupal.org/sa-core-2020-013 CVE-2020-28948 / CVE-2020-28949 - https://www.drupal.org/project/drupal/releases/8.9.9 - https://www.drupal.org/sa-core-2020-012 CVE-2020-13671 -...

8.8CVSS7AI score0.84554EPSS
Exploits5References16
OpenVAS
OpenVAS
added 2020/12/15 12:0 a.m.23 views

Fedora: Security Advisory for drupal8 (FEDORA-2020-6f1079934c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.3AI score0.04269EPSS
Exploits0References4
Circl
Circl
added 2020/11/20 6:42 p.m.17 views

CVE-2020-13671

creationtimestamp| type| source ---|---|--- 2020-11-20 18:42:49+00:00| seen| https://t.me/cibsecurity/16662 2020-11-20 18:45:49+00:00| seen| https://t.me/cKure/2918 2020-12-09 07:25:06+00:00| seen| https://t.me/cibsecurity/17408 2023-06-14 21:10:04+00:00| seen|...

8.8CVSS7.3AI score0.04269EPSS
Exploits0References8
OSV
OSV
added 2020/11/20 4:15 p.m.17 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

8.8CVSS8.7AI score0.04269EPSS
Exploits0References4
NVD
NVD
added 2020/11/20 4:15 p.m.21 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

8.8CVSS8.7AI score0.04269EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2020/11/20 3:40 p.m.3 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

6.8AI score0.04269EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/11/20 3:40 p.m.28 views

CVE-2020-13671

Removed by vendor...

8.8CVSS8.7AI score0.04269EPSS
Exploits0
CVE
CVE
added 2020/11/20 3:40 p.m.1439 views

CVE-2020-13671

CVE-2020-13671 affects Drupal Core. The issue arises from Drupal core not properly sanitizing certain uploaded filenames, causing files to be interpreted with an incorrect extension and served with the wrong MIME type or potentially executed as PHP under some hosting configurations. Affected vers...

8.8CVSS8.5AI score0.04269EPSS
In wildExploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2020/11/20 3:40 p.m.773 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

8.8CVSS8.8AI score0.04269EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/11/20 12:0 a.m.30 views

Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-012) - Linux

Drupal is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...

8.8CVSS9AI score0.04269EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/11/20 12:0 a.m.38 views

Debian: Security Advisory (DLA-2458-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.04269EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2020/11/20 12:0 a.m.32 views

CVE-2020-13671

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...

8.8CVSS3.7AI score0.04269EPSS
In wildExploits0References6
OpenVAS
OpenVAS
added 2020/11/20 12:0 a.m.20 views

Drupal 7.x, 8.x, 9.x RCE Vulnerability (SA-CORE-2020-012) - Windows

Drupal is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...

8.8CVSS9AI score0.04269EPSS
Exploits0References3
Rows per page
Query Builder