22 matches found
EUVD-2025-19184
Malicious code in bioql PyPI...
EUVD-2025-14928
Malicious code in bioql PyPI...
EUVD-2025-14924
Malicious code in bioql PyPI...
EUVD-2025-14927
Malicious code in bioql PyPI...
Drupal Enterprise MFA - TFA for Drupal 安全漏洞
Drupal Enterprise MFA - TFA for Drupal is a module plugin in the Drupal content management system from the Drupal community. A security vulnerability exists in Drupal Enterprise MFA - TFA for Drupal versions prior to 4.8.0, prior to 5.2.1, prior to 5.0., and prior to 5.1. that stems from an...
CVE-2025-47706
Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47708
Cross-Site Request Forgery CSRF vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47707
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47710
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47710
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47709
Missing Authorization vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Forceful Browsing.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47708
Cross-Site Request Forgery CSRF vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47706
Authentication Bypass by Capture-replay vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Remote Services with Stolen Credentials.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47707
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47707
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47710 Enterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-056
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Authentication Bypass.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...
CVE-2025-47710
The CVE-2025-47710 entry covers an Authentication Bypass Using an Alternate Path or Channel vulnerability in the Drupal module Enterprise MFA - TFA for Drupal. Affected versions are 0.0.0 through 4.6.x and 5.0.0 through 5.1.x; versions 4.7.0 and 5.2.0 (and later) contain fixes. The root cause is ...
CVE-2025-47709
The CVE-2025-47709 issue affects Drupal Enterprise MFA - TFA for Drupal. A Missing Authorization vulnerability allows Forceful Browsing via unauthenticated access to sensitive routes. Affected versions are 0.0.0 through 4.6.x (prior to 4.7.0) and 5.0.0 through 5.1.x (prior to 5.2.0). Impact detai...
CVE-2025-47708
CVE-2025-47708 is a Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal. Affects Enterprise MFA - TFA for Drupal versions: 0.0.0 up to, but not including, 4.7.0 and 5.0.0 up to, but not including, 5.2.0. Remediation: upgrade to 4.7.0 or later for the 0.x seri...
Drupal Enterprise MFA - TFA for Drupal 跨站请求伪造漏洞
Drupal Enterprise MFA - TFA for Drupal is a module plugin in the Drupal content management system from the Drupal community. A security vulnerability exists in Drupal Enterprise MFA - TFA for Drupal versions prior to 5.2.0 that stems from vulnerability to cross-site request forgery attacks...