8 matches found
CVE-2026-46640 vulnerabilities
Vulnerabilities for packages: drupal...
CVE-2026-46628 vulnerabilities
Vulnerabilities for packages: drupal...
MGASA-2017-0198 Updated drupal packages fix security vulnerability
Greg Knaddison, Mori Sugimoto and iancawthorne discovered that files uploaded by anonymous users into a private file system can be accessed by other anonymous users, leading to an access bypass vulnerability (CVE-2017-6922)...
MGASA-2016-0413 Updated drupal packages fix security vulnerability
Inconsistent name for term access query; information on taxonomy terms might have been disclosed to unprivileged users (CVE-2016-9449). Confirmation forms allow external URLs to be injected (CVE-2016-9451)...
MGASA-2016-0245 Updated drupal packages fix security vulnerabilities
Updated drupal packages fix security vulnerability: A vulnerability exists in the User module, where if some specific contributed or custom code triggers a rebuild of the user profile form, a registered user can be granted all user roles on the site. This would typically result in the user gainin...
MGASA-2014-0492 Updated drupal packages fix security vulnerabilities
Updated drupal packages fix security vulnerability: Aaron Averill discovered that a specially crafted request can give a user access to another user's session, allowing an attacker to hijack a random session (CVE-2014-9015). Michael Cullum, Javier Nieto and Andres Rojas Guerrero discovered that the...
MGASA-2014-0423 Updated drupal packages fix security vulnerability
An SQL Injection issue exists in Drupal before 7.32 due to the way the Drupal core handles prepared statements. A malicious user can inject arbitrary SQL queries, and thereby completely control the Drupal site. This vulnerability can be exploited by remote attackers without any kind of...
MGASA-2014-0329 Updated drupal packages fix security vulnerability
A denial of service issue exists in Drupal before 7.31, due to XML entity expansion in a publicly accessible XML-RPC endpoint. The drupal package has been updated to version 7.31 to fix this issue and other bugs. See the upstream advisory and release notes for more details...