Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

DrupalCSRF

high
7.5
First published (updated )
CVE-2006-5476

Red Hat FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability

high
7.5
Exploited
First published (updated )
CVE-2020-36193

composer/drupal/coreDrupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003

high
7.5
EPSS
0.06%
First published (updated )
CVE-2025-31674

composer/drupal/coreDrupal core Un-restricted Upload of File

high
8.8
Exploited
First published (updated )
CVE-2020-13671

Red Hat FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

high
7.8
Exploited
First published (updated )
CVE-2020-28949

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/drupal/coreDrupal Core Remote Code Execution Vulnerability

high
8.1
Exploited
First published (updated )
CVE-2019-6340

Oracle Financial Services Liquidity Risk Measurement and ManagementXSS, Input Validation

high
7.5
Exploited
First published (updated )
CVE-2019-11358

composer/drupal/coreInput Validation

high
7.5
First published (updated )
CVE-2022-25273

composer/drupal/coreMalicious File Upload

high
7.2
First published (updated )
CVE-2022-25277

composer/drupal/coreDrupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012

high
7.5
First published (updated )
CVE-2022-25275

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DrupalImage Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023

high
7.5
First published (updated )
CVE-2024-13259

DrupalDrupal Symfony Mailer Lite - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-014

high
8.8
First published (updated )
CVE-2024-13250

composer/drupal/coreDrupal core - Critical - Cache poisoning - SA-CORE-2023-006

high
7.5
First published (updated )
CVE-2023-5256

Oracle Primavera GatewayXSS in `*Text` options of the Datepicker widget

high
7.2
First published (updated )
CVE-2021-41183

Oracle UnifierXSS in the `of` option of the `.position()` util

high
7.2
First published (updated )
CVE-2021-41184

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Oracle UnifierXSS in the `altField` option of the Datepicker widget

high
7.2
First published (updated )
CVE-2021-41182

Oracle Banking APIsAdvanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML

high
8.2
First published (updated )
CVE-2021-41164

Oracle Banking APIsHTML comments vulnerability allowing to execute JavaScript code

high
8.2
First published (updated )
CVE-2021-41165

composer/drupal/drupalthird-party PEAR Archive_Tar library updates

high
8
First published (updated )
CVE-2019-6338

DrupalInput Validation

high
7.5
First published (updated )
CVE-2013-6389

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Angrydonuts NodequeueNodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict…

high
7.5
First published (updated )
CVE-2009-2075

Brian Miller Taxonomy TimerSQL Injection

high
7.5
First published (updated )
CVE-2009-4296

Morbus Iff ActivismThe Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Camp…

high
7.5
First published (updated )
CVE-2012-4498

Fast Permissions AdministrationThe Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.3 for Dru…

high
7.5
First published (updated )
CVE-2013-2247

David Alkire Drag & Drop GallerySQL Injection

high
7.5
First published (updated )
CVE-2012-4479

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PEAR XML-RPCCode Injection

high
7.5
First published (updated )
CVE-2005-1921

DrupalUnknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registratio…

high
7.5
First published (updated )
CVE-2005-1871

DrupalDrupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations s…

high
7.5
First published (updated )
CVE-2006-2831

DrupalSQL Injection, Input Validation

high
7.5
First published (updated )
CVE-2007-6299

DrupalUnrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 200701…

high
8.5
First published (updated )
CVE-2007-0505

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203