Filters
Versions
7.0
89
6.0
73
7.0-alpha1
55
7.0-alpha2
55
7.0-alpha3
55
7.0-alpha4
55
7.0-alpha5
55
7.0-alpha6
55
7.0-alpha7
55
7.0-dev
55
7.1
55
7.2
55
6.1
54
6.2
54
7.0-beta1
54
7.0-beta2
54
7.0-beta3
54
7.0-rc1
54
7.0-rc2
54
7.0-rc3
54
7.0-rc4
54
7.10
54
6.3
52
7.3
52
7.4
52
7.11
51
7.12
51
7.5
50
7.6
50
7.7
50
7.8
50
7.9
50
5.0
49
7.13
48
6.4
47
7.14
46
6.5
45
7.15
44
6.0-beta2
43
6.0-beta3
43
6.0-beta4
43
6.10
43
6.6
43
6.0-beta1
42
7.16
42
7.17
42
6.11
41
6.7
41
6.8
41
6.12
40
6.14
40
6.9
40
7.18
40
6.13
39
7.x-dev
39
6.15
38
6.0-dev
37
6.16
37
6.17
37
7.19
37
6.0-rc1
36
6.0-rc2
36
6.0-rc3
36
6.0-rc4
36
7.20
36
7.21
36
7.22
36
7.23
36
8.0.0
34
6.20
32
6.18
31
7.24
31
6.19
30
6.21
30
6.22
30
5.1
29
6.23
29
7.25
29
7.26
29
7.27
29
7.28
29
6.24
28
6.25
27
6.26
27
5.2
26
7.29
25
7.30
25
6.27
24
4.6.1
23
5.4
23
5.3
22
6.28
22
7.33
22
7.34
22
4.6.0
21
5.7
20
7.35
20
7.36
20
7.37
20
4.6.2
19
4.6.3
19
6.29
19
6.30
19
6.31
19
5.5
18
5.6
18
5.8
18
5.9
18
4.5.1
17
5.10
17
6.32
17
4.5.2
16
4.6.4
16
7.38
16
8.9.0
16
4.5.3
15
4.6.5
15
4.7.0
15
4.6
14
4.6.6
14
4.7.1
14
6.33
14
6.34
14
8.8.0
14
9.0.0
14
4.7.2
13
5.11
13
9.2.0
13
9.3.0
13
4.6.7
12
6.35
12
7.31
12
7.32
12
8.0.1
12
8.0.2
12
8.0.3
12
4.5.4
11
4.5.5
11
4.6.8
11
4.7
11
4.7.3
11
5.12
11
5.1_rev1.1
11
6.36
11
7.40
11
8.5.0
11
4.5.0
10
5.0-beta1
10
5.0-beta2
10
5.0-rc1
10
5.0-rc2
10
7.41
10
8.0.0-alpha10
10
8.0.0-alpha11
10
8.0.0-alpha12
10
8.0.0-alpha13
10
8.0.0-alpha14
10
8.0.0-alpha15
10
8.0.0-alpha2
10
8.0.0-alpha3
10
8.0.0-alpha4
10
8.0.0-alpha5
10
8.0.0-alpha6
10
8.0.0-alpha7
10
8.0.0-alpha8
10
8.0.0-alpha9
10
8.0.0-beta1
10
8.0.0-beta10
10
8.0.0-beta11
10
8.0.0-beta12
10
8.0.0-beta13
10
8.0.0-beta14
10
8.0.0-beta15
10
8.0.0-beta16
10
8.0.0-beta2
10
8.0.0-beta3
10
8.0.0-beta4
10
8.0.0-beta6
10
8.0.0-beta7
10
8.0.0-beta9
10
8.0.0-rc1
10
8.0.0-rc2
10
8.0.0-rc3
10
8.0.0-rc4
10
4.6.9
9
5.13
9
5.14
9
5.15
9
5.16
9
7.42
9
8.0.4
9
8.0.5
9
8.0.6
9
8.1.0
9
8.1.0-beta1
9
8.1.0-beta2
9
8.1.0-rc1
9
8.1.1
9
8.1.2
9
8.6.0
9
9.1.0
9
4.4.1
8
4.4.2
8
4.5
8
4.5.6
8
4.7.4
8
5.5.
8
6.0-rc-1
8
6.0-rc-2
8
6.0-rc-3
8
6.0-rc-4
8
6.37
8
8.1.3
8
8.1.4
8
8.1.5
8
8.1.6
8
8.1.7
8
8.1.8
8
8.1.9
8
4.5.7
7
4.7.5
7
4.7.6
7
8.2.0
7
8.2.0-beta1
7
8.2.0-beta2
7
8.2.0-beta3
7
8.2.0-rc1
7
8.2.0-rc2
7
8.2.1
7
4.0.0
6
4.6.10
6
8.2.2
6
8.4.0
6
8.7.0
6
4.1.0
5
4.2.0_rc
5
4.4.0
5
4.4.3
5
4.5.8
5
4.6.11
5
4.7.7
5
4.7.8
5
5.17
5
5.18
5
5.19
5
5.20
5
8.1.10
5
9.4.0
5
4.4
4
4.7.10
4
4.7.9
4
4.7_rev1.15
4
4.7_rev_1.15
4
4.7_rev_1.2
4
5.0-dev
4
5.21
4
5.22
4
7.39
4
7.43
4
8.2.3
3
8.2.4
3
8.2.5
3
8.2.6
3
4.0
2
5.23
2
5.x-dev
2
7.44
2
7.50
2
7.51
2
9.4.0-alpha1
2
9.4.0-beta1
2
9.4.0-rc1
2
10.0
1
10.0.0
1
10.1.0
1
2023-05-09
1
4.7_revision_1.2
1
6
1
6-beta1
1
6.x-dev
1
7.0.0
1
7.57
1
7.70
1
7.82
1
7.x-1.0
1
7.x-1.0-rc1
1
7.x-1.0-rc2
1
7.x-1.1
1
7.x-1.2
1
7.x-1.3
1
7.x-1.4
1
8.0-alpha10
1
8.0-alpha11
1
8.0-alpha12
1
8.0-alpha13
1
8.0-alpha14
1
8.0-alpha15
1
8.0-alpha2
1
8.0-alpha3
1
8.0-alpha4
1
composer/drupal/corecore/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) …
5.3
First published (updated )
composer/drupal/coreDrupal contains a vulnerability with improper handling of structural elements. If this vulnerability…
7.5
EPSS
0.05%
First published (updated )
Drupal DrupalDrupal core - Critical - Cache poisoning - SA-CORE-2023-006
7.5
First published (updated )
Drupal DrupalThe file download facility doesn't sufficiently sanitize file paths in certain situations. This may …
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Drupal DrupalDrupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not c…
5.4
First published (updated )
Symfony TwigTwig may load a template outside a configured directory when using the filesystem loader
7.5
First published (updated )
composer/drupal/coreDrupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/drupal/coreDrupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
6.5
First published (updated )
Drupal DrupalFailure to strip the Cookie header on change in host or HTTP downgrade in Guzzle
7.5
First published (updated )
Drupal DrupalFix failure to strip Authorization header on HTTP downgrade in Guzzle
7.5
First published (updated )
composer/guzzlehttp/guzzleCross-domain cookie leakage in Guzzle
8.1
First published (updated )
composer/guzzlehttp/psr7Improper Input Validation in guzzlehttp/psr7
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Financial Services Analytical Applications InfrastructureCross-site Scripting in CKEditor4
5.4
First published (updated )
Oracle Financial Services Analytical Applications InfrastructureRegular expression Denial of Service in dialog plugin
7.5
First published (updated )
Drupal DrupalThe Quick Edit module does not properly check entity access in some circumstances. This could result…
6.5
First published (updated )
composer/drupal/coreUnder some circumstances, the Drupal core JSON:API module does not properly restrict access to certa…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/drupal/coreThe QuickEdit module does not properly check access to fields in some circumstances, which can lead …
6.5
First published (updated )
Drupal DrupalDrupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002
First published (updated )
Oracle Banking ApisHTML comments vulnerability allowing to execute JavaScript code
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Banking ApisAdvanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML
8.2
First published (updated )
Oracle Primavera GatewayXSS in `*Text` options of the Datepicker widget
7.2
First published (updated )
Oracle Primavera UnifierXSS in the `of` option of the `.position()` util
7.2
First published (updated )
Oracle Primavera UnifierXSS in the `altField` option of the Datepicker widget
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability
First published (updated )
Fedoraproject FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/drupal/coreDrupal core Un-restricted Upload of File
First published (updated )
composer/drupal/drupalDrupal core - Moderately critical - Access bypass - SA-CORE-2020-008
5.3
First published (updated )
composer/drupal/coreAccess bypass in Drupal Core 8/9
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/drupal/coreDrupal core - Moderately critical - Information disclosure - SA-CORE-2020-011
7.5
First published (updated )
composer/drupal/coreDrupal core - Less critical - Access bypass - SA-CORE-2020-006
9.8
First published (updated )
composer/drupal/drupalDrupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle REST Data ServicesPotential XSS vulnerability in jQuery
6.9
First published (updated )
Oracle Banking Digital ExperiencePotential XSS vulnerability in jQuery
6.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.