Lucene search
K

630 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:44 a.m.7 views

CVE-2017-6921

In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services rest module enabled, the file REST resource is enabled and allows PATCH requests, and an attacker can get or...

5.9CVSS6.5AI score0.01834EPSS
Exploits0References1
NVD
NVD
added 2025/11/18 5:15 p.m.9 views

CVE-2025-12761

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Simple multi step form allows Cross-Site Scripting XSS.This issue affects Simple multi step form: from 0.0.0 before 2.0.0...

3.5CVSS0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 11:14 p.m.2 views

CVE-2025-12466 Simple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Simple OAuth OAuth2 & OpenID Connect allows Authentication Bypass.This issue affects Simple OAuth OAuth2 & OpenID Connect: from 6.0.0 before 6.0.7...

6.6AI score0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 11:14 p.m.2 views

CVE-2025-12083 CivicTheme Design System - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-113

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...

5.5AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2025/10/29 11:14 p.m.4 views

CVE-2025-10929 Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111

Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables.This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2...

5.3CVSS5.9AI score0.00276EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/29 11:13 p.m.3 views

CVE-2025-10927 Plausible tracking - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-107

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Plausible tracking allows Cross-Site Scripting XSS.This issue affects Plausible tracking: from 0.0.0 before 1.0.2...

5.5AI score0.00177EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/11 12:30 a.m.5 views

EUVD-2025-33788

Vulnerability in Drupal Synchronize composer.Json With Contrib Modules.This issue affects Synchronize composer.Json With Contrib Modules:...

6.4AI score0.00234EPSS
Exploits0References2
NVD
NVD
added 2025/10/10 11:15 p.m.5 views

CVE-2025-9552

Vulnerability in Drupal Synchronize composer.Json With Contrib Modules.This issue affects Synchronize composer.Json With Contrib Modules:...

5.3CVSS0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/10 10:25 p.m.11 views

CVE-2025-9552 Synchronize composer.json With Contrib Modules - Critical - Unsupported - SA-CONTRIB-2025-102

Vulnerability in Drupal Synchronize composer.Json With Contrib Modules.This issue affects Synchronize composer.Json With Contrib Modules:...

0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/10 10:25 p.m.2 views

CVE-2025-9552 Synchronize composer.json With Contrib Modules - Critical - Unsupported - SA-CONTRIB-2025-102

Vulnerability in Drupal Synchronize composer.Json With Contrib Modules.This issue affects Synchronize composer.Json With Contrib Modules:...

6.5AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2025/10/10 10:25 p.m.11 views

CVE-2025-9552

CVE-2025-9552 concerns the Drupal module Synchronize composer.Json With Contrib Modules . Public descriptions in connected documents indicate a vulnerability affecting the module in general (versions not specified). The NVD/NVD-derived metrics show a CVSS 3.1 base score of 5.3 (Medium) with an at...

5.3CVSS6.5AI score0.00234EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.3 views

Drupal Authenticator Login 安全漏洞

Drupal Authenticator Login is a Drupal community authentication login module or feature for Drupal. A security vulnerability exists in Drupal Authenticator Login version 0.0.0 through versions prior to 2.1.8 that stems from bypassing authentication using an alternate path or channel, which could...

8.8CVSS6.8AI score0.00326EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-3754

Malware in sbrugna...

3.5CVSS6.4AI score0.01036EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-3751

Malware in sbrugna...

4.3CVSS6.4AI score0.01263EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-0852

Malware in sbrugna...

6.8CVSS6.1AI score0.00922EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2211

Malware in sbrugna...

4.3CVSS6.4AI score0.01521EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-8122

Malware in sbrugna...

2.6CVSS6.4AI score0.01316EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-5443

Malware in sbrugna...

2.1CVSS6.4AI score0.01405EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-1498

Malware in sbrugna...

4.3CVSS6.4AI score0.01033EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2009-2031

Malware in sbrugna...

6.4CVSS6.4AI score0.01222EPSS
Exploits0References6
Rows per page
Query Builder