Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Prion
Prionadded 2014/11/24 3:59 p.m.31 views

Cross site request forgery (csrf)

The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes aka phpass module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service CPU and memory consumption via a crafted request...

5CVSS6.8AI score0.79786EPSS
Exploits3References9Affected Software3
CVE
CVEadded 2014/11/24 3:0 p.m.163 views

CVE-2014-9016

CVE-2014-9016 affects Drupal 7.x prior to 7.34 and the Secure Password Hashes (phpass) module 6.x-2.x prior to 6.x-2.1. The issue is a denial-of-service condition caused by the password hashing API, where a crafted request can exhaust CPU and memory. Remediation is to update to Drupal 7.34+ and p...

5CVSS6AI score0.79786EPSS
Exploits3References9Affected Software2
ArchLinux
ArchLinuxadded 2014/11/20 12:0 a.m.46 views

drupal: session hijacking and denial of service

Custom configured session.inc and password.inc need to be audited as well to verify if they are prone to the following vulnerabilities. More information can be found in the upstream advisory 0. - CVE-2014-9015 session hijacking Aaron Averill discovered that a specially crafted request can give a...

6.8CVSS2.2AI score0.79786EPSS
Exploits3References4
Rows per page
Query Builder