44 matches found
EUVD-2022-4240
Malicious code in bioql PyPI...
Drupal 11.0.x < 11.0.8 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities: - Drupal uses JavaScript to render status messages in some cases and configurations. In certain situations, the status messages are not adequately sanitized. - Drupal core...
Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005
Drupal 7 core's Overlay module doesn't safely handle user input, leading to reflected cross-site scripting under certain circumstances. Only sites with the Overlay module enabled are affected by this vulnerability...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the presence of a null pointer dereference in the ovl module copy warning...
Debian: Security Advisory (DLA-548-1)
The remote host is missing an update for the Debian...
Open Redirect
Overview drupal/drupal is an open source content management platform powering millions of websites and applications. Affected versions of this package are vulnerable to Open Redirect via the Overlay module due to insufficient validation of the URLs prior to displaying their contents. Remediation...
Drupal has open redirect vulnerability in the Overlay module
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
GHSA-HXG2-5C8P-PPWM Drupal has open redirect vulnerability in the Overlay module
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
CVE-2019-12741
XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...
CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
UBUNTU-CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...
CVE-2015-7943
CVE-2015-7943 describes an open redirect vulnerability in Drupal 7.x where the Overlay module does not sufficiently validate URLs, enabling redirects to arbitrary sites and phishing via unspecified vectors. Affected are: Drupal core Overlay module in 7.x before 7.41; the jQuery Update module (7.x...
CVE-2015-7943
Removed by vendor...
Debian DSA-3897-1 : drupal7 - security update
Two vulnerabilities were discovered in Drupal, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following issues: - CVE-2015-7943 Samuel Mortenson and Pere Orga discovered that the overlay module does not sufficiently validate URLs...
[SECURITY] [DSA 3897-1] drupal7 security update
Debian Security Advisory DSA-3897-1, https://www.debian.org/security/, Salvatore Bonaccorso, June 24, 2017, https://www.debian.org/security/faq...
Drupal 7.x < 7.41 Overlay Module Open Redirect
Mageia: Security Advisory (MGASA-2015-0425)
The remote host is missing an update for the...
Drupal core Overlay module open redirect vulnerability
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. Overlay is one of the modules that displays the Drupal administration interface at the top of the page. An open redirect vulnerability exists in the Overlay module in Drupal core 7.41 a...