Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/15 7:7 a.m.39 views

Security Bulletin: Multiple vulnerabilities in Drupal Core affect IBM API Management (CVE-2016-9449, CVE-2016-9450, CVE-2016-9451, CVE-2016-9452)

Summary Drupal is used by the Advanced Developer Portal in IBM API Management. IBM API Management has updated the level of Drupal it provides to address the applicable CVEs. Vulnerability Details CVEID: CVE-2016-9449 DESCRIPTION: Drupal Core could allow a remote authenticated attacker to obtain...

7.5CVSS0.7AI score0.01957EPSS
Exploits0Affected Software1
OpenVAS
OpenVASadded 2016/12/02 12:0 a.m.19 views

Fedora Update for drupal7 FEDORA-2016-ff9a74c6dc

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.01957EPSS
Exploits0References2
OpenVAS
OpenVASadded 2016/12/01 12:0 a.m.16 views

Drupal Multiple Vulnerabilities (Dec 2016) - Linux

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

7.5CVSS5.8AI score0.01957EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2016/11/25 6:59 p.m.18 views

CVE-2016-9450

The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context...

7.5CVSS7.1AI score0.01004EPSS
Exploits0References3
CVE
CVEadded 2016/11/25 6:0 p.m.115 views

CVE-2016-9450

Drupal core prior to 8.2.3 is affected by CVE-2016-9450 due to an incorrect cache context on the user password reset page, enabling cache-poisoning and potential content spoofing. The issue is fixed in Drupal 8.2.3 (upstream patch). Affected product: Drupal core (Drupal 8.x); root cause: failure ...

7.5CVSS7.3AI score0.01004EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2016/11/25 6:0 p.m.13 views

CVE-2016-9450

Removed by vendor...

7.5CVSS7.5AI score0.01004EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2016/11/21 12:0 a.m.176 views

Drupal 7.x < 7.52 / 8.x < 8.2.3 Multiple Vulnerabilities

The version of Drupal running on the remote web server is 7.x prior to 7.52 or 8.x prior to 8.2.3. It is, therefore, affected by the multiple vulnerabilities : - An information disclosure vulnerability exists in the taxonomy module when using access query tags that are inconsistent with the...

7.5CVSS5.8AI score0.01957EPSS
Exploits0References7
Drupal
Drupaladded 2016/11/16 12:0 a.m.659 views

Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-005

Description Inconsistent name for term access query Less critical - Drupal 7 and Drupal 8 Drupal provides a mechanism to alter database SELECT queries before they are executed. Contributed and custom modules may use this mechanism to restrict access to certain entities by implementing...

4.3CVSS6.2AI score0.01957EPSS
Exploits0References28
Rows per page
Query Builder