3 matches found
CVE-2026-13244
CVE-2026-13244 concerns the Drupal module for Tealium iQ Tag Management. The vulnerability arises from Improperly Controlled Modification of Dynamically-Determined Object Attributes in the module, allowing PHP object injection via data stored as serialized strings in the tealiumiq field. Affected...
CVE-2026-12535
The CVE-2026-12535 entry concerns Drupal’s Formatter Field module, affected versions 0.0.0–2.0.0. The vulnerability arises from PHP-serialized data stored in the formatter_field field, which can be written maliciously and later unserialized, enabling Object Injection. Exploitation requires the at...
CVE-2025-14341 Input Data Manipulation in DivvyDrive Information Technologies' DivvyDrive
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...